Search dyami insights

“Shock” Victory Most international news outlets expressed shock and surprise regarding the Partij voor de Vrijheid’s (PVV) performance in the November 2023 general elections in the Netherlands. The election results are presented as unprecedented for a socially liberal country, where the PVV, achieved their greatest ever number of seats in the House of Representatives since the inception of the party. With such a significant shift in political attitudes in the Netherlands, the recent election results are bound to have implications for Dutch security and foreign policy. Ascent of the Right in Europe However, certain news outlets, such as Al-Jazeera and Reuters have remarked that the PVV’s election results follows a broader shift to the right in Europe. All across Europe, far right parties seem to be making political gains. Far-right parties have been elected in Italy and Slovakia, extended their rule in Hungary, earned a coalition role in Finland, become de facto government partners in Sweden, entered Parliament in Greece, and made striking gains in regional elections in Austria and Germany. The ascent of the far right in Europe can be explained by an increase in voter dissatisfaction with mainstream pro-establishment politicians. The international media explains the PVV’s election results as a consequence of energy inflation due to souring relations with Russia over the Ukraine war. As such, Wilders used his anti-immigration political strategy to appeal to disenchanted voters affected by the cost of living crisis. A Dutch “Donald Trump” Wilders’ has often been likened with former US President, Donald Trump due to his anti-immigration policies and combed-back, dyed blond hair. Parallels have been drawn with Trump’s particular brand of populism rooted in nativist and anti-establishment rhetoric. Wilders promoted politics of division similar to those of Trump, promising to put Dutch people first and opposing multiculturalism. The international media has been comparing the 2016 US Presidential election and the Brexit referendum to Wilders’ ability to mobilise moderate right wing-voters towards the far right. Bad news for the European Union European news outlets, in particular, are discussing the potential impact a Wilders-led cabinet may have on the Netherlands’ foreign policy towards the EU. There is a consensus that the election results present potentially negative prospects for Dutch-EU relations. There is widespread agreement in the media that a “Nexit” referendum is unlikely to happen as Dutch public opinion is against leaving the EU after Brexit seems to have had an unfavourable outcome for the UK. However, this does not mean that tensions with Brussels should not be expected. If Wilders does succeed in forming a government coalition, the EU will find itself with a much more difficult partner than it did with former Dutch Prime Minister, Mark Rutte. A seat for Wilders around the EU summit table would transform the dynamic, as he will align himself with other far-right and nationalist leaders already in post. The international press warns that such an alignment is likely to affect EU-wide policies on asylum, climate change, and aid to Ukraine. Furthermore, regarding the issue of Ukraine, the PVV promised to cut “scarce military and financial resources” and use them to bolster the Netherlands’ own national security. The PVV manifesto also does not mention sanctions or other punitive measures in relation to Russia’s 2022 invasion of Ukraine. With talks beginning on Ukraine’s accession to the EU, it is likely that a Wilders-led government will attempt to block Ukraine’s entry into the EU due to declared migration concerns from Eastern Europe. Times of Uncertainty Most news outlets highlight the structural constraints of the Dutch political system. As the Netherlands has a multi-party proportional representation electoral system, no single party is able to secure an overall majority of votes in the lower house of Parliament. Normally, several parties must cooperate in order to form a coalition government. Whilst the PVV may be the largest party in the Dutch Parliament, it has only managed to secure 37 of the total 150 seats available. A government would need 76 seats to have a majority. There are significant doubts that Wilders will be able to garner enough support to achieve a government coalition after the PVV has been excluded in the past by mainstream Dutch political parties. If no government coalition can be formed, the Netherlands may have to hold another round of elections. Protests have been held in cities such as Utrecht and Amsterdam with a significant portion of the Dutch population expressing discontent with the results of the general election. The international media suggests that the Netherlands may be heading towards a period of political instability and division. Fears for the Muslim Community A large part of the Muslim community expressed fear and disappointment towards the election results. Due to Wilders’ anti-Islam rhetoric, many Muslims may feel uncertain about their future in the Netherlands. The international press has gathered statements from a number of Muslim organisations and politicians in the Netherlands. They are hoping that the PVV will respect the rule of law as the party has promised to work within the constitution and not pursue a ban on Islam and mosques in the Netherlands, as stipulated by the PVV’s manifesto. Many believe the PVV to be a threat to Dutch democracy and tolerance. Due to the growing support for the far right in the Netherlands, the Muslim community is concerned that they will be facing increasing discrimination and may be portrayed as “second-class citizens” by a Wilders-led government. There are significant fears for the safety of Muslims and asylum-seekers in the country. Conclusion The international coverage of Geert Wilders has focused on his surprise victory and the consequences it has for communities in the Netherlands. While the coalition negotiations are ongoing, the international media has depicted the win as a dilemma for international security. Regarding European security, Wilders is thought to be more sceptical of funding for Ukraine and the possible enlargement of European Union membership. The agenda setting power of the Dutch prime minister in the European Council will likely influence the direction of EU foreign and domestic policy. With far-right leaders making gains across Europe, a crackdown on migration and stricter asylum policies are likely to be pursued.

Enhancing aviation security solutions Press Release Date: December 14, 2023 Utrecht, December 14, 2023 — Dyami, Corposec, and Tarmak Aviation are excited to announce a strategic partnership aimed at integrating their extensive expertise in aviation security to offer one-stop-shop solutions. This collaboration will bring together the unique strengths and capabilities of each company to provide comprehensive and innovative security solutions to the aviation industry. All three companies share the vision that security needs to come with a personal touch. About the Companies Dyami offers a comprehensive one-stop aviation security solution designed to assist airlines, aircraft operators, and airports in enhancing their capabilities and capacity, streamlining operations, and bolstering security measures. Founded in 2019 by Eric Schouten, a former aviation liaison officer at the Dutch General Intelligence and Security Service, Dyami aims to make aviation more secure by providing accessible and cost-effective security & intelligence services to the aviation sector. Corposec is a proven expert in aviation and supply chain security and compliance, providing a range of cutting-edge security solutions from trusted partners. Founded in 2015 by security veteran Elad Gadot, Corposec focuses on developing innovative solutions to ensure the security of businesses, customers, employees, and partners, from targeted consulting to practical implementation & overall management of the company’s security operations and compliance system. Tarmak Aviation, based in Belgium, and founded by Thomas De Maertelaere, who started his aviation career in 2015, specializes in providing all-round consulting in the cargo aviation industry. They aim to act as a one-stop shop, bringing together experts to assist in overcoming various challenges in the industry, offering tailor-made consulting under one roof, ranging from IATA Dangerous Goods and ground operations training to auditing and beyond. Strategic Collaboration This partnership will leverage the combined knowledge, experience, and innovative solutions of the three companies to address the increasing security challenges in the aviation landscape, including emerging threats and complex regulatory requirements. The collaboration will focus on ensuring the safety and security of passengers, crew, cargo, and assets and providing a holistic approach to security risk management, resulting in more secure and efficient airline or charter operations. In a world where security is paramount, this strategic partnership represents a significant step forward in creating a safer and more secure aviation environment. By combining their expertise, Dyami, Corposec, and Tarmak Aviation are poised to deliver unparalleled security solutions, contributing to the resilience and protection of the aviation sector. For more information, please contact. Eric Schouten; eric@dyami.services | www.dyami.services Elad Gadot; elad.gadot@corposec.at | https://www.corposec.at/ Thomas De Maertelaere; thomas.dm@tarmak-aviation.com  | https://www.tarmak-aviation.com/

Trojan horses en mass The western market has experienced a sharp increase in the sales of Chinese produced cars in recent years. While Chinese cars used to be almost unavailable on the western market due to safety standards, by failing them horribly, the newest products are not held back by this. Brands such as Build Your Dreams (BYD), Xpeng, Nio and Great Wall all have seen a surge in sales in for example Europe, ranging from +100% to over +400% sales. The Polestar brand has already been popular in Europe for the past years, but these days both itself as well as the Volvo parent company are Chinese owned. Another example is the brand MG, with a heritage of British sports cars, the brand is now in Chinese ownership. While the safety of the vehicles is not up to question anymore, the data security they (don’t) provide should be very much so. You can only fear, what you can imagine What implies Chinese cars would be used for spying? Last year, China banned Teslas from driving in and around certain locations or events. Additionally, government officials and employees were prohibited from owning and driving Teslas. The reason? China accused the cars for potentially being used as espionage equipment. The accusation itself is enough to raise suspicion on any new car China produces and exports to Europe, the US or anywhere else in the world. This is because if China can imagine that Teslas could be used for such a purpose, China can certainly imagine using their cars for such means abroad. Precedence (is extensively discussed on pg.4, two examples found here) Huawei: Chinese phone company Huawei has already been banned or restricted across the EUand the US, because of security concerns related to the personal data of users being distributed to Chinese intelligence. This was preceded in multiple nations with a ban on Huawei use for government officials. Tesla: Ironically, Tesla has actually been caught for spying on their customers. However, data was not being used for government purposes (as far as publicly known). Tesla employees were caught intersharing private moments/conversations of people’s lives which were deemed entertaining to watch, caught by the exterior and interior cameras of their vehicles. Additionally, it was discovered that the videos were geolocated and linked to customers. European brands: Although there is no publicly known precedence on this, it is more likely than not that these brands are used for spying by European actors. What is very important in this is awareness of which brands were previously European, but are now Chinese owned (as discussed on pg. 1). Thank you for all your data Modern luxury cars come with an array of gadgets and instruments on board. The most interesting for the subject at hand being both out- and inward facing cameras, microphones, gps systems, internet connection and phone connectivity. Cameras and microphones Modern cars come equipped with outboard (and some even inboard) cameras. These are not only used for safety systems on board, but also as recording devices. The recording function is marketed as a replacement for traditional dashcams, being able to deliver both video as well as audio in case of for example a crash. This function can easily be used to record people, events and locations out and inside of the car, which it can then share elsewhere for further analysis. Classified government conversations, classified locations or even corporate secrets can be revealed, located and analyzed as a consequence. GPS systems GPS systems are a standard built in feature in modern luxury cars. These systems are always on, even when not used for navigation. Just like phones, these systems will be able to establish behavioral patterns and important locations visited by persons of interest, even if these are not inserted into the GPS system manually. Internet connection Most modern EVs come with internet connection, not only for the operator of the vehicle, but also for ‘over the air’ updates for the vehicle itself. This connection to the internet can not just download data to the car for an update, but just as easily upload data to the factory of the car. In the case of Chinese built cars, sensitive information could be shared to Chinese government departments. This can range from GPS data, audio and video footage to phone data. Which brings us to the last option: Phone connectivity Connecting a phone to a car in order to be able to listen to your own music, call handsfree or send texts through voice control functions may seem innocent enough. However, this function gives the car access to all of the phone's communication data, and sometimes even the photo gallery. The security risk then does not only fall on the operator of the car, but also anyone who communicates with that person. Chat history can be shared, and phone calls recorded. This can then be shared to whoever is interested in the data in China. Balancing act An obvious first response to counter this security threat would be to ban Chinese cars outright, however, this is not a realistic solution. German car manufacturers have a very big market share in China itself, and any ban on Chinese cars would be very likely to automatically invoke a counter ban on European cars in China.  This will bring not only significant short and long term monetary damage to those car manufacturers, but also hurt diplomatic and trade relations with China. A more realistic approach could be for governments and corporations to place a ban on Chinese cars for their own employees. This is comparable to the ban on Huawei phones governments had for their employees, before the outright nationwide ban on the phones. One way to possibly ban certain models or brands, could be to investigate model by model whether the cars are capable or are in fact actually sharing data with their companies, beyond what is allowed under local law. In the EU, the GDPR law would then be able to stop certain cars from being sold. This however would be a time consuming feat. Is There Really A History Of Chinese Spying? Recent history is rife with allegations against Chinese companies regarding surveillance and espionage, not all unfounded. The narrative intertwines actual incidents with geopolitical tensions and industries tied to Chinese manufacturing, such as surveillance equipment, telecommunications, and robotics. Concerns are amplified by China's ambiguous intellectual property laws and the presumption of state involvement in corporations. Key players in these allegations include Lenovo, Huawei, ZTE, and DJI. Lenovo faces scrutiny for its devices in government networks, and DJI for its drones used in government operations. Huawei and ZTE, while consumer favorites, are also under suspicion. These companies' state affiliations vary: Lenovo has indirect state connections, Huawei is a state-owned enterprise with private oversight, ZTE is not CCP-owned but is government-dependent, and DJI asserts its independence. However, evidence, mostly classified or leaked, is sparse. Hikvision and Dahua, implicated in potential data leaks to the Chinese government, faced a UK ban. TikTok, a ByteDance product, is scrutinized for data privacy and potential misuse for Chinese state purposes. An internal ByteDance investigation revealed unauthorized access to US user data. Chinese laws notably influence these concerns. The National Intelligence Law of 2017, for instance, obligates all Chinese organizations and citizens to support state intelligence work. This law intensifies fears that companies could be compelled to assist in intelligence operations or surrender data if requested by the government. Critics argue this law effectively blurs the lines between corporate operations and state intelligence objectives. The concerns about Chinese corporate espionage are multifaceted, rooted in legal obligations, product nature, ownership structures, and broader geopolitical tensions. While Taiwanese companies like Foxconn face less suspicion despite delegating some operations to China, Chinese firms are scrutinized for potential collaboration with the Chinese government, highlighting a complex landscape of security concerns and international relations. At this point, many of the concerns regarding Chinese surveillance via electronic devices can be validated by the explicit actions of the Chinese threat actors through various cyber campaigns, and less through the quiet subterfuge of “Trojan Horse” devices. What is wisdom? In the current world where not just the Chinese, but every new (electric) car is outfitted with cameras, microphones, internet connection and phone connectivity, it is a matter of choosing not IF you’re going to be spied on, but by who. Whether governmental or corporate, it is important to be aware of the capacities and capabilities of modern cars. While it is difficult for governments to outright ban certain car brands from the market, it is more plausible to forbid governmental employees to drive specific brands. For companies, this can be more difficult, depending on the local employment laws.

The US failed to agree on an extra budged to support Ukraine in its war against Russia, among other things. What does this mean for Ukraine?

Date: 08/12/2023 Where: Cumbria, UK Who’s involved: Sellafield Nuclear Site, The Guardian news organization, unnamed Chinese and Russian threat actors, UK Government What happened: As part of a broader investigation by The Guardian, a series of claims were published in early December 2023 suggesting that the Sellafield nuclear site, which engages in nuclear fuel reprocessing, nuclear waste storage, and weapons decommissioning, had been compromised by cyber threat actors affiliated with Russia and China. The report alleged that these groups had successfully hacked the site's computer systems, leaving malware undiscovered for years​. Cybersecurity issues at the site have been documented for over a decade. A 2012 report warned of "critical security vulnerabilities"​​. The accusations by The Guardian’s report say that breaches were first detected as far back as 2015, with sleeper malware embedded in Sellafield's computer networks​​​​. This is a type of backdoor in a computer system or network that is intended to activate when a certain future condition is met. As the reports are currently unspecific, it’s unclear if the malware has been eradicated or the full extent of any data loss or ongoing risks. The hack possibly compromised sensitive activities like radioactive waste monitoring and fire checks​​. On 4/12/2023, the UK government, including Sellafield Ltd and the Office for Nuclear Regulation (ONR), issued statements strongly denying the Guardian's report. They asserted that there were no records or evidence of a successful cyberattack by state actors at the Sellafield site. Part of the denial emphasized that critical networks essential for safe operations at Sellafield were isolated from their general IT network, likely referring to a practice known as “Air Gapping”, ensuring that an attack on the IT system would not penetrate these critical systems​. While denying the cyberattack, the ONR acknowledged that Sellafield was not meeting certain high standards of cybersecurity required by them and had placed the plant under significantly enhanced attention but did not comment on breach details or cover-up claims​​. Despite the challenges, Sellafield insists that it takes safety seriously, with continuous measures and reporting on nuclear, radiological, and conventional safety​​. Analysis: While significant, these claims have not yet been independently verified. Not enough details regarding the claims have been made public. Despite having a reputation as a major news source, security practitioners still have to take The Guardian’s findings at their word for the time being as of 07/12/2023. The lack of details in the claims may be coming for a future report, or may be an effect of The Guardian doing its diligence to not implicate the identity of their source. Sellafield, with a history of incidents, contains significantly more radioactive material than Chernobyl​​. An accident at Sellafield could lead to a plume of radioactive particles affecting neighboring countries, raising significant international concerns​​. There is a history of criticism regarding the site's basic safety requirements, long-term dangers, and alleged cover-ups​​. In the past, leaks and safety issues have caused tensions with Norway and Ireland, with concerns about potential radioactive contamination​​. The ONR's latest review indicated the need for improvements in safety, fire safety, and cybersecurity​​. The specific claims need to be weighed against these factors: The strong denial by the UK government and Sellafield Ltd, the lack of direct public evidence, and the challenges in independently verifying such claims make it difficult to definitively assess their validity without further corroborative evidence. Conclusion: The Guardian's unconfirmed allegations about a security breach at Sellafield nuclear power plant underscore the need for stringent safety and cybersecurity measures in critical infrastructure, particularly those with hazardous materials. These sites are prime targets for both state-backed and criminal threat actors, impacting national security and public safety. The UK Government claims to have adequate cybersecurity measures in place at Sellafield, possibly relying on precautions like Air Gaps, which require physical presence for a breach. However, the UK's history of limited disclosure in cyber incidents warrants scrutiny. This incident's timing is crucial as the UK aims to significantly boost nuclear power by 2050, where Sellafield's security concerns could hinder these plans. The Guardian's confidence in its report, despite lacking detail, suggests protection of a sensitive information source. The ONR's comments about Sellafield's cybersecurity shortcomings highlight the need for ongoing improvements in security protocols for critical infrastructure.

Date: 06/12/2023 Where: Guyana Essequibo - Venezuela - Guyana Who’s involved: Venezuelan President Nicolas Maduro, Guyana President Dr Mohamed Irfaan Ali, International Court of Justice (ICJ), Brazilian National Army What happened? On Sunday, 03/12/2023, Venezuelans voted in favor of claiming sovereignty over the oil-rich Essequibo region, long contended with Guyana, in a referendum. According to Venezuelan authorities, over 95% of the voters supported the claim. Yet, the transparency and credibility of the results is questionable. The president of Venezuela's National Electoral Council (CNE) celebrated the massive popular support for the referendum due to a "historic turnout" that exceeded 10 million votes out of the approximately 20 million eligible voters. However, according to available data and photographs of empty polling stations posted by social media users, it is suspected that the actual referendum participation was remarkably low. Several opposition figures have said that the low turnout is a clear demonstration of the regime's failure, despite claims of success by the Maduro government. In the referendum, Venezuelans were asked if they agreed with the creation of a new state in the Essequibo region, granting its population Venezuelan citizenship. However, the referendum was initially described as consultative, and no indication was given of how Maduro would implement the outcome of the vote. On 05/12/2023, President Maduro ordered the “immediate” exploitation of oil, gas, and mines in the Essequibo region by granting operational licenses to the state-owned oil companies PDVSA and CVG. Moreover, Maduro announced the creation of a special military division focused on the disputed area called the Comprehensive Defense Operational Zone (Zodi). The President also told foreign oil companies in the disputed area that they have three months to withdraw their operations. On the same occasion, the new official Venezuelan map was released, redrawn with the Essequibo as the 24th proclaimed state of Venezuela, which will immediately replace the former one and be included in all school books. Despite the initial skepticism about Maduro’s intention to invade Guyana’s territory, Guyana’s President Ali said on 05/11/2023 that the recent actions of Venezuelan authorities are posing an “immediate and direct threat to Guyana's territorial integrity, sovereignty, and political independence.” President Ali also announced a high alert for the Guyana Defense Forces (GDF) and contingency plans to deal with an escalation of the situation. Guyana’s President said that the dispute would be reported to the UN Security Council. Despite the concern that the Venezuelan referendum served as a “pretext to annex” the Essequibo region, the Guyanese President stressed that the dispute would be resolved through international law, following the ruling of the International Court of Justice (ICJ), with the assistance of the international community. He also reassured foreign investors that Guyana remains a safe and democratic country for investment and business. On 05/12/2023, Brazil reinforced its northern border with Guyana and moved armored vehicles and more troops to the city of Boa Vista. Earlier in the day, the Guyana Defence Force (GDF) released a statement announcing the strengthening of bilateral ties and cooperation, including on defense and strategic affairs, between Guyana and Brazil. Scenarios: President Maduro's decision to hold a national referendum regarding the disputed area of Essequibo could be a political move to distract the population from domestic issues, foster national cohesion, and gain support. However, recent developments suggest that Maduro may be preparing to proceed with the military annexation of the Essequibo region. Several incentives and deterrents for military action can be identified. Incentives for action: The referendum results could justify Venezuela's attempt at annexing the Guyanese-controlled Essequibo region. Several factors could prompt this. Venezuela has claimed the Essequibo territory for almost two centuries based on historical rights. The dispute can be traced back to 1815 when the border between Venezuela and the former colony of British Guyana was established by the colonizers. Venezuela has significantly more military capability than Guyana, if Guyana does not receive any military support from other countries. The disputed territory is rich in natural resources, which makes it attractive for Venezuela. The annexation could be used as a political tool to distract public and international opinion from the upcoming 2024 elections and delay electoral and democratic concessions granted by the government. Authoritarian leaders have started conflicts in the past to remain in power. Recently, other countries have annexed land successfully with little international intervention. Russia annexed Crimea in 2014 and Eastern Ukraine in 2021, and Azerbaijan re-took control of Nagorno-Karabakh in 2023. Maduro might use these examples as an incentive for his actions. Deterrents for action: While there are incentives present for Venezuela to escalate the conflict with military actions, other factors may discourage a military invasion of Essequibo. Although Venezuelan military power overpowers that of Guyana, its military appears to be obsolete and poorly organized, which makes it difficult to launch an effective and unified offensive into Guyana. The Maduro government lacks full control over territories close to the border with Guyana. Non-state armed and criminal groups have increased rapidly in the region. Therefore, the Venezuelan military may not be able to launch an offensive from these territories. Any Venezuelan military operation will result in some kind of regional and international response ranging from the reinstatement of recently eased sanctions to military intervention or peacekeeping missions in support of Guyana. International military intervention, as well as the establishment of sanctions, could act as a deterrent. In recent weeks, the Venezuelan government achieved the easing of U.S. sanctions by granting political and electoral reforms, including allowing the opposition to participate in the 2024 election. However, the U.S. is likely to re-impose the sanctions if Venezuela invades Guyana-Essequibo. The risk of jeopardizing the country's recently improved economic and diplomatic situation could make Maduro reconsider any annexation plan. Conclusion: In conclusion, the prospect of Venezuela annexing the Guyanese-controlled Essequibo region is marked by a complex interplay of incentives and deterrents. While historical claims, military capabilities, and the allure of natural resources provide motives for such action, significant hurdles, including the weaknesses in the Venezuelan military, the presence of non-state armed groups, and the threat of an international response, act as formidable deterrents. Moreover, recent diplomatic gains and the easing of U.S. sanctions hinge on the Maduro government's adherence to political and electoral reforms, making the risk of jeopardizing these advancements a crucial factor that could sway the decision-making process. The many options and quick developments make the situation hard to predict. However, with Maduro issuing a directive for the "immediate exploitation" of oil, gas, and mining resources and the creation of the “Zodi” special military division in the contested area, the likelihood of imminent military action has increased. As the situation can change rapidly, it is recommended to have preparatory evacuation plans in case armed conflict would break out.

Executive Summary The last few months showed a significant and concerning increase in conflicts all across the globe causing many overflight and landing and departing risks that should be well monitored. Timely analysis and accurate information regarding new threats are necessary for planning ahead and taking precautionary measures. There are several new threats which pose potential risks for business aviation around the world. A rise in fake bomb threats has caused many delays and disruptions at airports. Over several countries in the Middle East, GPS spoofing is affecting aircraft ranging from business jets to 777s, potentially leading to serious incidents. Conflict is brewing in the Southern Caucasus, with Azerbaijan potentially not being satisfied after claiming the Nagorno-Karabakh. India is developing into a new hub for the trafficking of valuable items such as wildlife and gold. 1. Global 1.1. GPS Spoofing The frequency and intensity of GPS spoofing incidents is on a rise. For now mostly found over Iraq, but it can be replicated all over the world. GPS spoofing has been shown to put aircraft upwards of 200 nm off of their flight path. 1.2. Drug trafficking Business model jets have been and continue to be used for drug/contraband smuggling across the globe. These flights are usually to and from Latin America, Ethiopia and India. The aim of using business jets instead of commercial aviation is to lower the chance of getting caught, and increase the volume per flight. 1.3. Human trafficking In order to improve the ease of human trafficking, and to stay away from prying eyes of airport security as well as cabin crew, traffickers prefer to use business jets if they can. This presents a worldwide challenge that is hard to combat. 1.4. Valuables trafficking Ethiopia and India have become hubs for trafficking of valuables, such as wildlife and gold. While the majority of the detected smuggling was on commercial flights, there has been an increase in (attempts to) smuggle with business jets via smaller regional airports. 2. Europe 2.1. Climate activism European airports are still targeted by climate activists who are mainly focusing on the business aviation sector. Besides physical damage, the protests result in disruptions and closures of airports, forcing jets to divert elsewhere. 2.2 Drugs smuggling At Amsterdam Schiphol airport seven employees have been arrested for their involvement in the smuggling of drugs at the airport and in the belly of aircraft. 2.3 Airport threats In the month October multiple bomb threats occurred in airports in multiple countries in Europe. The threats were made by sending emails to authorities. Most airports were evacuated as a result from the threat causing long delays and disruptions at the airports. 2.4 Overflight risks Due to Russian military fighter jets present, overflying the Black sea should be avoided. The Barents Sea. where Russia has been holding several nuclear missile tests and should also be avoided. 3. Middle East 3.1. GPS spoofing GPS spoofing has been increasing in multiple countries in the Middle east creating dangerous situations where aircraft near unsafe territory. 3.2. Overflight Risks Recent developments in the region have caused a need for extra security measures differing per country. These are important to adhere to, as ignoring the risks while overflying can lead to catastrophic results. 3.3 Israel- Hamas war On October 7th Hamas militants launched an assault on Israel from the Gaza strip, killing 1.200 people and taking more than 200 hostages. Since then the Israeli Defense Force (IDF) has struck back by starting a war between Hamas and Israel. The war in Israel has caused several airspace restrictions due to anti-aircraft weapons being used from multiple countries. Flying over ISRAELI airspace should be avoided. In Egypt, aircraft operators need to have caution flying over the Northern Sinai Peninsula and the Red Sea due to anti aircraft weaponry being used. Flying below FL260 should be avoided. The vast majority of Yemeni airspace should also be avoided. In the southwestern part of Saudi Arabia FIR operators should also exercise caution due to a risk of drone and missile attacks. 4. Asia 4.1. New Zealand pilot hostage in Papua On February 7, independence fighters from West-Papua took a pilot from New Zealand hostage in exchange for independence from Indonesia. In May a video message appeared in which the pilot said that if demands are not met within two months, he will be executed. Several rescue attempts have failed, resulting in casualties on both sides, and the demands of the hostage takers were lowered. As of September, a rebel spokesperson admitted there has been no contact for three months, and since then no updates have been released on the situation. 4.2 Caucasus tensions Tensions on the border between Azerbaijan and Armenia are still prevalent after the military operations performed on September 19 by the Azeri authorities. While further peace talks are underway between the two countries, significant progress has not been reported. However, both leaders have stated that a peace deal is possible before the end of the year. Overflying the Armenia Azerbaijan border area should still be avoided at the moment. Overflying Georgia using waypoints DISKA and ADEKI is preferable, as BARAD skims the border of both nations. Both nations have long range air defense systems with ranges up to and exceeding 100 km in radius, and up to 30 km in altitude. 4.3. Regional instability Political instability has led to recurring protests and (armed) attacks, particularly in northern India, Pakistan, Myanmar and the border region of Armenia and Azerbaijan. Instabilities prove themselves risky to aviation, including business aviation. The instability in northern India poses a serious risk to aircraft on the ground, while the unrest in Pakistan and Myanmar introduce threats to overflight as well. As a result of proliferation of anti-air weapons, a minimum of FL300 is advised. 4.4 Increase in drug smuggling Drug smuggling through South Korea's Incheon International airport has increased. The amount of narcotics intercepted has risen from 129,362 grams in 2020 to 538,241 grams in 2022. Highlighting the need for stronger border enforcement. 4.5 Airport bomb threats On october 4th, 42 airports across the Philippines were ordered to step up their security by authorities over an anonymous email threat saying that aircraft flying out of Manila to several tourist destinations could explode. Despite this threat operations remained normal and there were minimal flight delays. 5. Africa 5.1. Overflight risks Recent developments in the region have caused a need for extra security measures differing per country. These are important to adhere to, as ignoring the risks while overflying can lead to catastrophic results. 5.2. Political instability Political instability has resulted in unpredictable protests and revolts throughout Africa. It is important to stay up-to-date with the latest developments to minimize the risk of getting caught in armed violence while staying in a vulnerable African country or region. 6. North America 6.1. Trafficking Over the last two months, cartels and other criminal organizations have continued to use private aircraft to smuggle narcotics and for human trafficking. The lack of security for private flights, especially at smaller regional airports, makes it easier for traffickers. 7. South America 7.1. Trafficking Cartels continue to use private aircraft for drug trafficking throughout the continent. Criminal organizations use old aircraft for these flights because a large number of aircraft are destroyed after only a small number of trafficking flights. 7.2 Regional instability Tensions between Venezuela and Guyana have been rising. Venezuelans just voted yes in a questionable referendum to claim part of the Essequibo region currenty belonging to Guyana as their own. Actions that the Venezuelan government might undertake to physically claim the region are not yet known. 8. Oceania There were no significant events in Oceania in the months of October and November. Forecast The months of October 2023 and November 2023 have seen a significant rise in conflicts and tensions, with the war in Israel that started on October 7th and rising tensions between Venezuela and Guyana. The situation in Africa is also worsening. There are a lot of overflight risks and do not fly zones in the Middle East and Africa but also still in the Caucasus region due to these tensions. The threat of GPS spoofing in aviation is also still growing, affecting even more regions, which is both a security and safety risk, and will increasingly become so as more and more modern aircraft rely solely on GPS for their navigation. GPS spoofing can cause aircraft to drift into unfriendly skies , or into the path of other traffic. Mitigating spoofing means returning to rudimentary means of navigation, although multiple manufacturers have found and shared methods to defeat GPS spoofing. 1. Global 1.1. GPS Spoofing GPS spoofing is a growing trend facing the aviation sector. GPS spoofing is more dangerous than jamming, as most civilian aircraft are not equipped and/or capable of detecting GPS spoofing. This can result in extremely dangerous situations, where aircraft stray from their flightpath without realizing, causing the aircraft to deviate up to 200 nm. This can lead to a multitude of consequences; from straying into the path of other (oncoming) traffic to, in a worst-case scenario, crossing into unfriendly skies, resulting in an intercept or even shootdown. Aircraft ranging from Falcon 8x to Boeing 777s have been affected by GPS spoofing. 1.2. Drug trafficking Drug trafficking is still a present risk for business aviation. For organized crime groups and cartels, business aviation is often the preferred method of transportation. There are numerous cases of drugs, or other valuable goods such as wildlife and gold, trafficked by cabin and flight crew on commercial flights. It is possible that cabin or flight crew on private jets could also smuggle illegal goods, emphasizing the need to be vigilant. Throughout Latin America, cartels have continued to use business jets to smuggle large amounts of narcotics over long distances. These jets are often acquired in the United States and then destroyed after a single or very few flights to avoid detection. It is important to clearly identify when asked to minimize the risk of misidentification by law enforcement and/or the military. India also has become a major market for both drugs demand and supply side. The drugs in India are mainly coming from Pakistan, Myanmar, Nepal, Afghanistan, Nigeria, Ethiopia, Uganda and sometimes via Dubai or Sharjah. The central government has been urged to tighten up border security. 1.3. Human trafficking With human trafficking still being a major issue today, the involvement of business aircraft is to be expected. In commercial aviation steps have been and are still being made to improve the awareness and the prevention of human trafficking. While most of these measures have generally been effective for commercial aviation, it could push human traffickers into finding other solutions. One of these solutions for human traffickers is business/private aviation. If a trafficking organization can overcome the increased costs of using business aviation, it allows for flights to smaller airports with less experienced and limited security compared to larger commercial airports. Additionally, it is easier to bribe or blackmail security personnel to turn a blind eye to human trafficking, especially in unstable countries or regions. 2. Europe 2.1. Climate activism European airports are still targeted by climate activists who are mainly focusing on the business aviation sector and calling for the sector to become more sustainable. One of the groups active at Dutch airport Maastricht Aachen is Extinction Rebellion, having had multiple protests in the past months. Extinction Rebellion has said to continue their protests at Maastricht Aachen airport until the airport will have a policy that concerns the liveable earth in the future. Besides physical damage, the protests result in disruptions and closures of airports, forcing aircraft to divert elsewhere. 2.2 Drugs smuggling At Amsterdam Schiphol airport seven employees have been arrested for their involvement in the smuggling of drugs at the airport. They are suspected for bringing narcotics and drugs in the airport and in some cases also in the cargo hold of the aircraft. The aircrafts were headed towards Asia where tens of kilo’s have been intercepted. 2.3 Airport threats In the month October especially in the week of the 16th there have been multiple bomb threats in airports in multiple countries in Europe. In Italy an airport was evacuated due to an alleged bomb threat suspending multiple inbound and outbound flights on Oct the 17th. On October the 18th 6 airports in France were evacuated after being emailed over ‘threats of attack’. Multiple reports of forgotten luggage were made. That same day Belgian Ostend Airport was evacuated due to a bomb threat reportedly via a threatening email. German airport Weeze also encountered a bomb threat on Oct 18th which turned out to be false. The day after on the 19th another 14 airports in France received bomb threats of which 8 were evacuated. The whole airport was evacuated. In the German airport of Hamburg a hostage situation took place on the tarmac beneath a Turkish Airlines aircraft. The man holding his daughter hostage for 18 hours was able to breach security carrying a firearm and throwing burning bottles. 2.4 Overflight risks Putin has ordered Russian planes armed with Kinzhal hypersonic missiles to patrol over the Black Sea. In October three British military aircraft were joined by two Russian Su-27 fighter jets steering them off the Russian border. There is a high risk of GPS interference overflying the Black Sea Simferopol FIR, Rostov FIR and Odessa FIR going over the black sea should be avoided with a buffer zone of 200 NM. Overflying the Barents sea is also unsafe due to Russian nuclear-powered missile tests being held in that area. 3. Middle East 3.1. GPS spoofing GPS spoofing is still increasing with more and more incidents reported in the Middle east. In October reports from spoofing in Egypt, the eastern mediterranean, Jordan and on approach to Ammam were reported. Israel is also reportedly using GPS spoofing to protect its aircraft. Flights from Ben Gurion are being led towards Lebanon with spoofed signals and false positions that showed aircraft above Ben Gurion airport when they were more than 212 nm away from the area. This brings both safety as well as security risks, as GPS spoofing can without warning deviate an aircraft (reported up to 80 nm, but theoretically endlessly) from its intended flight path. This can bring aircraft into the flight path of other (oncoming) aircraft, or even worse, bring the aircraft into unsafe airspace. This could lead to an aircraft being intercepted, or even shot down. GPS spoofing will in most civilian aircraft not produce a warning, as the computer still receives a strong and clear GPS signal, albeit an incorrect one. GPS spoofing effects have for now been stopped by pilots who were lucky enough to see the moment their GPS jumped location when the spoofing started. In case of GPS spoofing, for now only dead reckoning or radar vectors can provide a navigational alternative. This is because within minutes, GPS spoofing will make the INS faulty on modern aircraft. 3.2. Overflight Risks Developments in the region have caused a need for extra security measures. These include an advised minimum flight level of 320 over Iraq, with a focus on northern Iraq. Additionally, GPS interference is to be expected when overflying the country as well as over Egypt, Lebanon, Jordan, the Eastern Mediterranean, Israel and Turkey. The airspace above Iran, Afghanistan (except for P500/G500), Yemen and Syria is still unsafe for Western aviation. Overflying Saudi Arabia is safe, as long as flying above FL260. 3.3. Israel Hamas war On October 7th Hamas militants launched an assault on Israel from the Gaza strip, killing more than 1.200 people and taking more than 200 hostages. Since then the Israeli Defense Force (IDF) has struck back by starting a war between Hamas and Israel. In the second half of November a ceasefire agreement with Hamas was made to provide aid and free hostages. The US, Israel and Qatar have met on several occasions to discuss the continuation of the ceasefire. The IDF declared that the campaign on Hamas will be continued and that the war will not be over for the upcoming months. The war in Israel has caused several airspace restrictions due to anti-aircraft weapons being used from multiple countries. In Egypt aircraft operators need to have caution flying over the Northern Sinai Peninsula and the Red Sea due to anti aircraft weaponry being used. Flying below FL260 should be avoided. The vast majority of Yemeni airspace should also be avoided. In the southwestern part of Saudi Arabia FIR operators should also exercise caution due to a risk of drone and missile attacks. 4. Asia 4.1. Pilot held hostage in West Papua (Indonesia) The pilot taken hostage in West Papua to demand independence is still being held by his captors. Since the capture on February 7, the hostage takers have freed the passengers and lowered demands. Negotiations have stranded numerous times and several rescue attempts failed, resulting in casualties on both sides. The indepence fighters have threatened to kill the pilot if demands, which are not publicly known, are not met and have published several videos of the pilot in captivity. On July 20, a senior official of the Indonesian military said that negotiation attempts are still ongoing and that the pilot is alive and healthy. As of September a rebel spokesperson admitted there has been no contact for three months, and since then no updates have been released on the situation. 4.2. Caucasus tensions Tensions remain between Armenia and Azerbaijan. This still lingers from the military operation conducted by the latter in September, and the conflict ridden history preceding between the two countries. While both parties are communicating about a peace deal, the slightest upsets or developments cause mostly Azerbaijan to delay talks. Azerbaijan also accuses France of supporting the possibility of a war between the Caucasus neighbors, by delivering arms to (purchased by) Armenia. Due to the (anti-)air capabilities of both countries and the high tensions remaining in the region, the advice for now is to completely avoid the Armenia-Azerbaijan border area, as well as southern Armenia. Crossing east-west should be done over Georgia instead, using waypoints ADEKI or DISKA. 4.3. Regional instability Political instability has led to recurring protests and (armed) attacks, particularly in northern India, Pakistan, Myanmar and the border region of Armenia and Azerbaijan. Instabilities prove themselves risky to aviation, including business aviation. The instability in northern India poses a serious risk to aircraft on the ground, while the unrest in Pakistan and Myanmar introduce threats to overflight as well. As a result of proliferation of anti-air weapons, a minimum of FL300 is advised. 4.4 Increase in drug smuggling Drug smuggling through South Korea's Incheon International airport has increased. The amount of narcotics intercepted has risen from 129,362 grams in 2020 to 538,241 grams in 2022. Highlighting the need for stronger border enforcement. Airline crew also take part in the smuggling of drugs as there is a concerning trend in Vietnamese cabin crew being involved in the drug trafficking previously also having been caught at Incheon Airport in September. 4.5 Bomb threats On october 4th, 42 airports across the Philippines were ordered to step up their security by authorities over an anonymous email threat saying that aircraft flying out of Manila to several tourist destinations could explode. Despite the alert airlines continued to operate as normal causing no delays. The threat received by air traffic services who also received the anonymous email concerned flights from Manila to Davao, Bicol, Palawan and Cebu stating that they will be hit. 5. Africa 5.1. Overflight risks Overflying Africa has risks, which differ per country. Libya and Sudan are the only countries with a do not fly advisory while most other countries can be overflown by sticking to a security advisory. Egypt: advice to fly above flight level 300 over the Sinai region due to terrorist organizations in possession of anti-air weapons Ethiopia: the Tigray region remains unstable even though an official peace deal was signed in November. The advice is to avoid overflying the region because of the presence of anti-air systems. Somalia: advisory to not overfly the country below flight level 300 because of the instability in the country in combination with the presence of anti-air systems. Kenya: the border region has an overspill effect of the civil war in Somalia, thus posing the same threat as in Somalia itself. The advisory is to not fly below flight level 300. Mali: militants are in possession of anti-air systems and thus the advice is to not fly below flight level 300 over the country. Niger: as a result of the political instability, the advice is to avoid flying over Niger Western Sahara: due to the conflict in the region between Morocco and the independence movement in the region, there is a risk of proliferation of anti-air weapons. The advice is to stick to a flight level of 250 AGL or more. Libya: Libyan airspace should be avoided due to the threat of misidentification from Libyan air defense systems and threats by militia to shoot down aircrafts. Sudan: Sudan airspace should be avoided due to risks from anti aircraft weaponry Central African Republic: Due to the situation on the ground landing in Central African Republic should be avoided Rwanda: Due to growing conflict in Rwanda there is an increased risk for landing and departing including diversions near to the shared border with Congo. 5.2. Political instability Political instability has resulted in unpredictable protests and revolts throughout Africa. The political violence in Sudan and Niger has led to serious security risks for aircraft on the ground and overflights. Tension between Democratic Republic Congo and Rwanda is also rising with increased military presence in the region. Political violence in Democratic Republic Congo is also on the rise with several attacks on election candidates for the national elections that will be held on December 20th. It is important to stay up-to-date with the latest developments to minimize the risk of getting caught in armed violence while staying in a vulnerable African country or region. 6. North America 6.1. Trafficking Over the last two months, cartels and other criminal organizations have continued to use private aircraft to smuggle narcotics and for human trafficking. These organizations regularly use private flights to and from smaller regional airports in the south of the United States because of limited security. Airport personnel and/or the flight crew can be coerced or bribed into aiding the traffickers to further ease the smuggling. 7. South America 7.1. Trafficking Cartels continue to use private aircraft, ranging from smaller Cessna to business jets, for drug trafficking throughout the continent. The criminal organizations use old aircraft for these flights because a large number of aircraft are destroyed after only a small number of trafficking flights. These aircraft also pose a risk during flight at low FLs/during departure and descent, as these flights are done without transponders or any form of communication. When returning to your parked aircraft, make sure to check that no one has been on board/accessed cargo hatches to hide illicit goods. If illicit goods are found, take the stance of the local authorities into consideration, as some will imprison crews reporting such goods on their aircraft as the perpetrators. 7.2 Regional instability Tensions between Venezuela and Guyana have been rising. The reason for this is the resource-rich Essequibo strip which lies in Guyana. Recently the government of Venezuela held a national referendum to vote on the establishment of a new Venezuelan state incorporating the entire Essequibo region in its territory. In a very questionable referendum, more than 95% of the voters approved the move to claim the Essequibo strip controlled by Guyana. For now it is unclear what the Venezuelan government is going to do to follow through with the claim . Brazil has responded to the situation by mobilizing troops towards its border with the countries, it is unclear however whether they will actually intervene if a war does break out between its neighbors.

Written by Dyami Editorial Team Russia-Ukraine - Ukraine faces infrastructure issues from both winter weather and Russian attacks, gains continue on the Southern front while Avdiivka holds. Israel-Hamas - The ceasefire and hostages versus prisoners exchange has brought calm to the region for now, but the war between Israel and Hamas will continue. Sudan - Extensive human rights abuses in Sudan’s Darfur and the humanitarian situation worsens due to food and water and food shortages. Myanmar - Escalation of civil war as rebel groups take military-held towns and cities in the east. The Sahel Region - Mali, Niger, and Burkina Faso witnessed a worsening of the security and humanitarian situation and a consolidation of their trilateral ties. Yemen - Potential escalation in Yemen as Houthi rebels fires missiles at Israel and raid ships at international waterway. Bangladesh - Crackdown on opposition party after protests as new elections loom. Argentina - Election of far-right candidate Milei to the Presidency puts Argentina on an uncertain path due to his radical, libertarian political agenda. The Netherlands - Radical right nationalist party PVV wins Dutch elections, heightens terrorism risk to Dutch interests. Guyana-Venezuela - Tensions rise between Guyana and Venezuela over December 3 referendum on the status of resource-rich Essequibo region. Pakistan - Afghanistan - Reports of human rights abuses as Pakistani authorities attempt to expel 1.7 million Afghans. Conflicts - November 2023 1. Russia-Ukraine In November 2023, despite the winter conditions impacting both Russian and Ukrainian military operations, there was an escalation of fighting . The Ukrainian military made gains near Bakhmut and the Dnipro River, while intense fighting continued on the Eastern front, near Avdiivka. Nuclear safety concerns at the Zaporizhzhya plant were highlighted amidst ongoing power shortages. Accusations of war crimes intensified, with more reports of sexual violence perpetrated by Russian forces. Russian missile attacks targeting Ukraine’s energy infrastructure have increased over the past month , intending to disrupt Ukrainian power networks with the onset of winter conditions. Internationally, Ukraine engaged in defense cooperation talks with the US whilst Germany pledged to double its military aid. However, electoral successes by political parties broadly viewed as less supportive of Ukraine in Slovakia and the Netherlands suggest that political support for Ukraine is starting to decrease . In Russia, the trial of opposition politician, Ilya Yashin, commenced. Finland closed the border with Russia for two weeks to halt a large flow of asylum seekers, which Finland claims is expressly orchestrated by Moscow. A newly deployed fleet from several Northern European countries’ Joint Expeditionary Force has increased paranoid rhetoric from Russia. Ukraine’s military faced internal restructuring, and President Zelenskyy has begun to push for further development of the country’s domestic defense production. Despite some success for Ukraine, the war is likely to last into 2025 at least , unless major changes happen. Russia may capitalize on the onset of winter to intensify its military campaign, attempting to leverage Ukraine’s vulnerabilities related to infrastructure and humanitarian needs. 2. Israel-Hamas After the initial attacks in Israel by Hamas in October 2023, the Israeli Defense Forces (IDF) invaded the Gaza Strip in an attempt to neutralize Hamas’ infrastructure and leadership . In the first half of November, the IDF managed to cut off the northern part of Gaza from the rest of the Strip and attacked the Hamas tunnel infrastructure. The encirclement of Gaza City led to a large internal displacement of the population. International pressure on Israel to send in food, fuel, and medicines through the Rafah corridor led to Israel opening the corridor on a few occasions; but according to the United Nations, it was not sufficient. The rocket attacks from Gaza on Israel continued during the fight over Gaza City but decreased significantly. Meanwhile, the IDF continued its operations in the West Bank against Palestinian Jihadist and Hamas cells. Several terrorists attempted to infiltrate Jerusalem, with one group carrying automatic weapons and axes, but were neutralized by the IDF. In the second half of November, the international community put pressure on Israel to enter a ceasefire agreement with Hamas to provide aid and free hostages. On November 24, Israel and Hamas started their first Israeli hostages and Palestinian prisoners exchange and a ceasefire began. Meanwhile, the security agencies of the US, Israel, and Qatar met on several occasions to discuss a continuation of the ceasefire and the exchange of hostages versus prisoners. The ceasefire has held and many Palestinians have returned to Gaza City to retrieve their belongings. The IDF declared that it will continue its campaign to dismantle Hamas in the coming months and that the war is not over. The United States has urged Israel not to occupy Gaza City permanently and not to wage a similar campaign in the south of Gaza. Israel has responded stating that neutralizing Hamas has priority. 3. Yemen Yemen-based Houthi rebels have increased missile attacks fired against Israel in November, most of which were intercepted by Israeli missile defenses or landed in the Red Sea and neighboring countries. The Houthis have targeted international maritime routes and ships in the important Red Sea shipping lane. A group of Houthi soldiers boarded one ship successfully in the Red Sea, claiming that it was owned by Israel. Israeli authorities refuted this and pointed to the ship’s joint ownership of Japanese and British owners with an international crew. In the Indian Ocean, the Houthis attempted to capture another cargo ship and fired a missile at another, but both attacks were unsuccessful. In response, the US National Security Council spokesman John Kirby advocated designating the Houthis as a terrorist organization , which could lead to US missile strikes against Houthi launch pads in Yemen. Despite Saudi efforts to maintain the peace deal between Saudi Arabia and the Houthis, ongoing Houthis attacks against Israel could provoke a further response from the US and reignite conflict in Yemen. 4. Sudan The civil war between the Sudanese Rapid Support Forces and the Sudanese Armed Forces escalated dramatically in November. Fighting intensified in the north of Darfur. The RSF has almost taken the entire region from the SAF and experts have warned of further ethnic mass killings and war crimes. The RSF and Arab militias killed 1,300 non-Arab Masalit civilians in the city of El Geneina in Western Darfur in April of this year. Since the outbreak of conflict in April, 9,000 civilians have died, 4.3 million people have been displaced and at least 1.1 million have fled to neighboring countries such as Chad, South Sudan, Egypt, Ethiopia, and the Central African Republic. From 18 November to 20 November, a Sudan Humanitarian Crisis Conference was held in Cairo where international organizations and grassroots aid organizations from Sudan discussed how to act, communicate, and coordinate more effectively with local groups. Aid organizations raise the alarm that the conflict is a disastrous humanitarian crisis ; aid workers from Sudan are kidnapped, raped, and attacked regularly. With another offensive planned by the RSF and human rights abuses showing no sign of stopping, the conflict is likely to intensify in the coming months . 5. Myanmar The civil war in Myanmar changed rapidly in November. The military junta, which took power in February 2021, has lost ground to a coordinated assault from three opposition groups in the eastern Shan state on the border with China. On October 27, the armed groups captured over 100 military-held towns and severed a key trade link between the Myanmar capital and China in ‘Operation 1027’. Fighting is ongoing over the city of Laukkaing, a border city with China with extensive links to transnational criminal networks and human trafficking. The scale of success by opposition groups is a serious challenge to the Myanmar military, given their inability to mount a response. The fighting has led to the displacement of at least 30,000 according to the UN, with further refugees fleeing the violence. The military junta’s loss of control poses questions over their relations with other actors in the region. China has a strong preference for stability in the country given its significant infrastructure interest in developing a port to the Bay of Bengal and raw material investments. Yet the inability of Myanmar’s military to tackle emerging transnational crime and the human trafficking network has led to a growing Chinese military presence on the border. For India, Myanmar is a strategic link between the trilateral highway and the power grid connecting the north-eastern region of India and Thailand. While both powers maintained relations with the Myanmar military junta since the coup, the latest offensive presents strategic problems, with outside actors questioning the durability of the military. While the junta has setbacks, it still has experience in fighting multiple counter-insurgencies within Myanmar. In terms of equipment, the military also has the advantage of fighter jets and artillery capabilities purchased from Russia. Despite the progress from ethnic and pro-democracy groups, the conflict is likely to intensify in the coming months . 6. The Sahel Region Mali, Niger, and Burkina Faso, the Sahel region, witnessed a worsening of the security and humanitarian situation . In Mali, following clashes in the northern town of Kidal, the Malian army announced on November 14 that the city had been recaptured from the political-military Tuareg rebel group. Kidal, in which about 25,000 people live, has long been a stronghold for the Tuareg rebel group, and its recapture marks an important turning point for Malian forces. The BBC reports that the Malian army is backed by Wagner group mercenaries . The rebels stated they left the city for ‘strategic reasons.’ It is difficult to estimate a precise death toll because of the remoteness of the region. Despite the victory for the Malian forces , fighting continues in other parts of the country between armed forces and Tuareg rebels, while UN peacekeeping troops withdraw. In Burkina Faso, on November 26, fighters related to the terrorist organization Jama’at Nusrat al-Islam wal Muslimeen (JNIM) attacked an army base in the north of Burkina Faso . The fighters also attacked homes and a camp for internally displaced people, killing at least 40. The Burkinabe Armed Forces neutralized the JNIM gunmen after a three-hour-long attack. On November 5, around 70 people were killed in a massacre in the town of Zaongo, according to Burkinabe authorities. According to the EU, there could be up to 100 victims. In September 2023, the military governments of Mali, Burkina Faso, and Niger established the Alliance of the Sahel States (AES) . On November 25, the alliance held its first summit in Bamako, with intergovernmental discussions on counterterrorism and economic development in the region. The creation of the AES is a response to their increasing isolation from the international community . In November, the European Parliament adopted a resolution that condemned the military coup d’etat in Niger and at the end of October, agreed on a framework for targeted EU sanctions on the country. The countries are also strengthening their ties with Russia . Malian authorities have signed a deal with Russia to build a gold refinery in a bid to ‘control all gold production.’ In Burkina Faso, authorities announced the construction of a civil nuclear plant by Russian Rosatom and reportedly welcomed around 20 Russian soldiers in the country at the beginning of November. Alerts - November 2023 1. Bangladesh Mass protests in Bangladesh began at the end of October and continued in November. The leading opposition party, the Bangladesh Nationalist Party (BNP) called for protests to remove the incumbent Prime Minister Sheikh Hasina and replace him with a neutral caretaker government , claiming that the ruling Awami League will not hold free and fair elections in January 2024. The protests escalated in the capital with buses set on fire and police using rubber bullets against protestors, resulting in the death of a police officer and injuring more than 100 hundred people. The government has cracked down on the opposition party, with security forces arresting over 10,000 political opponents, according to Human Rights Watch. Given the Awami League’s hold over the security apparatus, it will likely continue its hard-handed oppression of the BNP and may lead to further violence ahead of the elections in January . 2. Argentina On November 19, Javier Milei, the anti-establishment candidate of the far-right, won Argentina's second-round elections , with 55.8 percent of the vote. The president-elect's radical, and libertarian political agenda is controversial at home and abroad. The Argentine election result has sparked mixed reactions worldwide, between enthusiastic support from other far-right leaders such as Bolsonaro, Putin, and former U.S. President Trump and dismay from others, including leftist leaders from Colombia and Venezuela. Domestically, Milei’s election provoked protests from a section of the population concerned about the possible negative outcomes of his proposed policy agenda. However, the opposition, made up of labor unions, social organizations, and human rights activists, is adopting a wait-and-see posture until his inauguration on December 10. The opposition has warned that they will resist if Milei implements pledged policies such as cutting the size of the state, privatizing companies, and suspending the peso in favor of the dollar. The Milei administration has a substantial challenge ahead, given the country’s precarious economic conditions and growing socio-political tensions . Also, the new leader’s radical stances on environmental issues and human rights will likely generate further protests in the coming weeks . 3. The Netherlands In the Netherlands, the general election took place on November 22 to elect a new House of Representatives (Tweede Kamer). The PVV, a radical right nationalist party headed by Geert Wilders, won 37 seats, ahead of green-left GL-PvdA with 25 seats. The center-right ruling party, the VVD, lost 10 seats and ended with 24 seats. PVV is expected to form a right-wing government with the VVD, NSC, and BBB, but the outcome of coalition government negotiations is unknown. Due to Wilders’ strong opposition to Islam and asylum seekers, his prominence, as well as recent public statements regarding the placement of Palestinian refugees, have received condemnation from several Arab and Muslim-majority nations . Updates - November 2023 1. Venezuela-Guyana As the December 3 Venezuelan referendum approaches to confirm Venezuelan claims to the Essequibo region , tensions are growing between the Cooperative Republic of Guyana and the Bolivarian Republic of Venezuela. The long-standing dispute was reignited by Guyana’s discovery of a significant oil and gas reserve and subsequent ExxonMobil concession. In the referendum, Venezuelans will be asked whether they reject the 1899 arbitration and the International Court of Justice’s jurisdiction and oppose Guyana’s unilateral appropriation of Essequibo territorial waters. In addition, Venezuelan voters will vote on the creation of the new State of Guayana Esequiba in the disputed area, whose residents will be granted the status of full Venezuelan citizens. The Venezuelan government is running a massive propaganda campaign ahead of the referendum. In response, Guyana asked for the International Court of Justice (ICJ) intervention to stop the referendum and preserve Guyana’s sovereignty over Essequibo. Hearings of representatives of the governments of Guyana and Venezuela were held at the ICJ on November 14 and 15, respectively. The ICJ announced that its ruling over the Essequibo dispute will be issued on December 1, 2023. In early November, the Venezuelan government denounced an alleged joint announcement between Guyana and the United States to strengthen the U.S. military presence in the Essequibo Strip . Although there is no evidence of ongoing joint military operations with the U.S., on November 28 and 29, Guyana and U.S. Defence Forces held a meeting to discuss the establishment of an enhanced military partnership. Also, on November 26, Guyana’s President Mohamed Irfaan Ali said that the country had instituted a contingency plan to deal with the eventual repercussions of border dispute escalations. Meanwhile, protests have been reported in the Essequibo Strip by the local population in support of the region's affiliation with Guyana and to reject the prospect of acquiring Venezuelan citizenship. 2. Afghanistan-Pakistan On November 1, Pakistani authorities ordered 1.7 million refugees and migrants from Afghanistan to leave the country. It is estimated that there are 4 million Afghan refugees who have traveled to Pakistan over the years, many with official documentation. However, around 1.7 million reportedly have no official documentation from either country due to the porous borders. Tens of thousands headed for the border before November 1 and around 400.000 Afghans have left the country over the course of the month. Human Rights Watch reported widespread abuses with Pakistani police compelling Afghans to return to the border through forced displacement, bribery, seizing their property, and taking action against residents protecting Afghans without proper documents. The authorities announced the decision in response to a spike in terrorist attacks from Tehreek-e-Taliban Pakistan , an Afghan Taliban-affiliated organization. While Pakistan thought the Taliban’s return to power would help its efforts to contain the TTP, terror attacks have escalated since then, killing hundreds of security forces. Following the Taliban’s return to power after their takeover of the country, Afghanistan is in the middle of a humanitarian crisis . The forced displacement of Afghans without registration in Pakistan is an additional challenge for the already struggling country. Authors: Alessia Cappeletti, Kevin Heller, Mark Bruno, Jacob Dickinson, Roos Nijmeijers, and Sara Frisan.

Date: 29/11/2023 Where: Netherlands Who’s involved: NXP, Chimera Group (threat actor) What happened? The details of a substantial cybersecurity incident were revealed to Dutch press on 24/11/2023 involving Eindhoven-based microchip designer and manufacturer, NXP. The company was infiltrated by Chinese hackers from a group known as 'Chimera', likely giving the group access to sensitive information for nearly three years. NXP only became aware of the incident when KLM Airlines subsidiary, Transavia, uncovered the group’s activities in one of their investigations. The investigation confirmed that Chimera had access to NXP’s system from at least the end of 2017 to spring 2020. Hackers targeted chip designs and company secrets, stealing email boxes and sensitive data. The attackers gained access through employee accounts using credentials leaked on the darkweb, mixed with the use of brute force tools and publicly available information. Along with NXP, at least seven Taiwanese chip companies and the airline Transavia were also affected. Despite NXP's efforts to enhance security, the company suffered another data breach in 2023, showing ongoing vulnerability to cyber attacks. Analysis: The Chimera Group, previously thought only active since 2018, is a suspected China-based threat actor primarily targeting the semiconductor industry, though this incident shows that they have also targeted airlines, with potential other campaigns yet to be revealed. The hackers worked with stolen account information from previous data breaches and scraping publicly available data from Facebook and LinkedIn. According to the AIVD, the attack is indicative of a large-scale, well-coordinated campaign. This is consistent with an advanced persistent threat (APT), and possibly a state-supported threat actor. Details are still unknown about exactly what the impact of the breach will be. Some of the information leaked could have included personal information of clients and employees, lending itself to further attacks. Further attacks did come in another incident that occurred in July of 2023, and was reported on 5/9/2023. More data was stolen that included customers' names, email addresses, phone numbers, and other personal details. The specifics of the compromised data were not fully detailed in the public reports, and no threat actor identified. Conclusion While NXP insists that these breaches were minor, the delays in detection, reporting, and inability to publish details of the impact are troubling. The effectiveness of Chimera Group represents a significant and ongoing challenge in the realm of global cyber security, as few threat actors have been so hyper-focused on an industry that is so important to both consumer and defense sectors. The ability to remain undetected for extended periods while accessing sensitive information, including chip designs and corporate secrets is potentially devastating. The incident, being so largely shaped by information shared by Transavia, demonstrates the need for additional transparency between not only individual corporate entities, but industries. One can anticipate that there will be a broader impact on the semiconductor and airline industries as more information is made public and the scope of the campaign is uncovered. This series of incidents serves as a stark reminder of the critical need for robust cybersecurity strategies and the constant vigilance required to counter such advanced and persistent threats.

Written by Mark Bruno In May 2023, Danish critical infrastructure experienced what has been described as the "largest cyber attack" against it in its history, targeting 22 companies in the energy sector. The tools utilized were extremely sophisticated and had the potential to enable external control over portions of the energy grid. This attack was linked to Russian threat actors, Sandworm – an entity also known as Unit 74455 within Russia’s GRU. Another attack against a major institution, attributed to a Russian threat actor, was the recent ransomware attack on the Industrial and Commerce Bank of China by the LockBit ransomware gang. The attack had a huge impact on the Treasury market in both the US and China, temporarily displacing $9 billion at their Financial Services Division in New York. LockBit, while not associated with the Russian government, is a criminal organization that has operated with relative immunity, as long as their attacks are primarily focused outside of Russian territory. This perceived tolerance by the Russian authorities is a common trait among several ransomware groups. Both events are emblematic of two kinds of cyberattack coming out of Russia: those explicitly carried out by the state, and those tolerated or encouraged by the state. Both threats have been exacerbated and become an essential part of Russian operations as the nation finds itself increasingly isolated from the international community. State-Backed VS. State-Tolerated While these particular events seem brazen, Russian cyber operations are certainly influenced by its increasing international pariah status. Facing global isolation, Russia actively resorts to destructive cyber activities as a tool of geopolitical influence, while doing nothing to discourage actors that contribute to these goals voluntarily. State Backed Russian state-backed threat actors have been confirmed to operate in positions within the General Staff of the Main Intelligence Directorate (GRU). This means that they answer to the highest offices within the Defense Ministry–they are uniformed military intelligence. The most infamous of these threat actors is a team known to cybersecurity professionals as Sandworm, active since at least 2009, and has been known over the years by numerous names, including ELECTRUM, Telebots, IRON VIKING, BlackEnergy Group, Quedagh, Voodoo Bear, and IRIDIUM. Sandworm’s advanced capabilities have been used to attack critical infrastructure such as power grids, hospital networks, and financial systems throughout EU and NATO member states. Russia’s Foreign Intelligence Service (SVR) has its own array of threat actors as well, who answer directly to the office of the President. Among their assets is a threat actor commonly known as Cozy Bear. Cozy Bear has been in operation since at least 2008, targeting government, thinktank, and research institution networks in EU and NATO member states, as well. The Internet Research Agency is a Russian entity that was allegedly dissolved after the coup attempt by Yevgeny Prigozhin–who founded it. Established in 2013, its focus was using the cyber realm to reinforce information and psychological operations to advance strategic and tactical objectives for the Russian Government. This was done particularly through the use of disinformation in Social Media. Despite claims of its dissolution, the tactics and strategies employed by the IRA continue to be relevant in discussions about cybersecurity, information warfare, and the integrity of political processes in the digital age. State Tolerated Russia has a history of utilizing non-state-backed cyber assets and taking advantage of pro-Russian hacktivism, especially in the context of the conflict with Ukraine. The Kremlin has been known to leverage relationships with cybercriminal groups, using them indirectly to conduct cyber operations that align with state interests. Russia's robust cybercrime ecosystem provides a pool of skilled individuals and resources that can be mobilized for state-aligned objectives, including espionage, misinformation, and disruptive cyberattacks. An advantage for encouraging such activity is a chance for deniability to delay an escalation of conflicts or sanctions, while creating confusion and instability. The gray zone tactics are beneficial for both kinetic and constructing narratives. Some of these individuals and groups are incredibly powerful for-profit enterprises that hold international organizations’ infrastructure hostage through Ransomware, or sell stolen data and malware to those who might use them for criminal purposes. The most famous of these is LockBit, who have attacked various industries globally, with the healthcare and education sectors being major victims. The United States, India, and Brazil are among the top targeted countries. Other threat actors are dedicated to the interferences and nuisance-level threats caused through Distributed Denial of Service (DDoS) attacks or defacements. A DDoS is an attack wherein a digital service is overwhelmed with fake requests until it is shut down. Pro-Russian hacktivists conduct cyberattacks supporting Russian geopolitical goals in this capacity. These groups often target Western entities or those opposing Russian interests. Among the most famous of these entities are pro-Russian cybercriminal groups, KillNet, Anonymous Sudan, and NoName057(16). At any given time, these groups are involved in conducting dozens of DDoS and defacement attacks on websites, almost always based on Russian strategic objectives. By using non-state actors, Russia can engage in cyber activities while maintaining plausible deniability. These assets have been involved in targeting critical infrastructure in countries opposing Russian interests, demonstrating the potential for significant disruption. What Are They Capable Of? A question that gets asked a lot by outsiders is “what are the real consequences of these sorts of attacks?” The effects of cyber tactics seem more obvious in traditional warfare when paired with conventional weapons, electronic warfare, or intelligence-gathering operations. Just this month, reputable cybersecurity firm Mandiant released a report about Sandworm executing a cyberattack that crippled infrastructure in an area simultaneously targeted by a missile strike, very likely increasing its lethality. However, it can technically be argued that no one has died in the history of cyber warfare in respect to attacks that remain in that domain. There is no way to “hack combatants to death”. But when hospital services are interrupted, when the power or heating infrastructure is impacted on winter nights, when supply chains are interrupted during times of war or global pandemics, can that point truly be defended? NotPetya, a novel malware deployed by Sandworm, was part of a campaign initiated on June 27, 2017. It represented one of the most aggressive and widespread cyber attacks in history. The event inflicted severe disruptions in various sectors, including banking, airports, and power companies, and is considered one of the most destructive cyber-attacks ever. Initially targeting Ukraine, it rapidly spread globally, affecting over 80 companies in Ukraine, and at least 2,000 organizations worldwide. NotPetya, an advanced version of an older ransomware called “Petya”, connected the already potent malware strain to a highly aggressive viral worm. Unlike ransomware utilized by many for-profit and criminal gangs, NotPetya was never intended to honor ransoms, and effectively destroyed the file systems on whatever network it touched. 49,000 computers belonging to Danish logistics giant, Maersk, were taken offline. The company claims that its repair costs alone totaled over 300 million USD. Another similar disruption was caused by Cozy Bear in their infamous 2020 SolarWinds hack, a sophisticated supply chain breach involving the SolarWinds Orion system. Orion is a valuable target, as it allows large enterprises to manage their information assets and software suites. The compromise of Orion led to one of the most extensive and complex cyber operations against both the US government and the private sector. It impacted a significant portion of SolarWinds' customers, a number of which were based in Europe, including key government agencies and numerous private entities. The attack's far-reaching implications affected governments around the world, highlighting the heightened vulnerability and interconnected nature of global cybersecurity. On September 6, 2022, KillNet launched a Distributed Denial-of-Service (DDoS) attack on the website belonging to the Port of Nagoya, Japan. The port, one of the country's largest, is significant for international shipments of heavy machinery, and the single largest in operation with the Toyota corporation. This assault overwhelmed the website with malicious traffic, rendering it inaccessible for approximately 40 minutes. The attack, while brief, indicated the port's vulnerability to cyber threats. On July 4, 2023, the port was targeted by a ransomware attack conducted by the LockBit group. This resulted in significant operational disruptions, halting more than half of the container shifting operations and causing a failure in the port's unified terminal system. The attack impacted major logistical operations, and led to a shutdown of the port's activities for over two days, illustrating the substantial impact of ransomware on critical infrastructure. These events demonstrate a growing threat posed by cyberattacks, where both unsophisticated DDoS and more impactful ransomware attacks can cause significant operational disruptions and economic consequences. The involvement of groups like Killnet and LockBit illustrates the escalating sophistication and impact of cyberattacks aligned with geopolitical interests. A Cornered Bear As Russia becomes increasingly sidelined on the global stage, its propensity to engage in or tacitly endorse destructive cyber activities grows. This tactic serves as a powerful tool in asserting influence and disrupting perceived adversaries, with fewer diplomatic repercussions, and much lower practical costs. Russia's sophisticated state-backed operations, coupled with its tolerance of rogue cyber gangs like LockBit or KillNet, form a two-pronged strategy in cyberspace that offers an increasingly potent-but-deniable arsenal to a regime with a gradually shrinking list of options. About the author: Mark Bruno Mark Bruno is a noncommissioned officer in the United States military, where he serves as a Combat Medic and a Public Affairs Representative. He holds a Master’s Certificate in Information Assurance from the University of Maryland, and a Bachelor of Science in Communication from the State University system of New York. All statements made in this article are his own, and do not reflect any policies or positions of the United States Department of Defense.

Date: 23/11/2023 Where: Netherlands, Dutch interests overseas. Who’s involved: Partij voor de Vrijheid (PVV), Geert Wilders, Dutch companies and citizens What happened? On 22/11/2023, the Netherlands voted in a general election to elect a new House of Representatives (Tweede Kamer). The PVV, a radical right nationalist party headed by populist Geert Wilders, won around 37 seats, ahead of GL-PvdA with 25 seats and the former largest party VVD with 24 seats. They are expected to form a right-wing government with the VVD, NSC and BBB. In his victory speech, Geert Wilders said he will seek to govern for the whole of the Netherlands within the framework of constitutional law. However, the PVV is strongly opposed to Islam and asylum seekers. He claims that Islam represents a fascist doctrine that is contrary to the pluralistic society of the Netherlands. The PVV election manifesto mentions that the party is seeking to exit the 1951 UN refugee convention, withdraw temporary asylum permits of Syrian refugees, and also ban the Koran in addition to closing Mosques and Islamic schools. Shortly after the result it became known that Moroccan, Turkish and muslim societies shared concerns about their future and rights in the Netherlands after the win of PVV. Analysis: The election of Geert Wilders is the latest in a radical right shift across Europe. His hardline stance against immigration and his comments have proved incendiary in the past. Geert Wilders has had multiple Fatwas – a formal, non-binding ruling issued by an Islamic institution – against him and has been living under police protection for almost 20 years. In 2018, Wilders announced a Muhammad cartoon contest which caused anger in the Islamic world and protests in Muslim-majority countries, especially in Pakistan where blasphemy is forbidden by law. While the formation of a governing coalition is unknown, the victory of Wilders may cause (violent) reactions in Muslim-majority countries against him or Dutch interests, and therefore present a heightened terrorism risk to the Netherlands and Dutch interests abroad. Intelligence agencies have raised their threat levels against terrorism across Europe since 2019, citing the capability and intent of radical extremist groups targeting citizens. As such, there may be an elevated threat to Dutch companies from extremist groups both in the Netherlands and Dutch interests based Muslim-majority countries. The risks of terrorism have increased elsewhere in Europe as a result of inflammatory rhetoric. Earlier this year, Quran burnings in Sweden also caused large protests in Muslim-majority countries. In Iraq, the Swedish embassy was stormed, the Swedish ambassador expelled, and a working permit of Swedish telecom company Ericsson withdrawn. In Pakistan, the Swedish embassy was closed due to security concerns likely connected to the Quran burnings. It has also led to Swedish citizens being targeted by extremist groups and lone terrorists, such as the fatal attack on two Swedish football fans in Belgium. Sweden’s prime minister Ulf Kristersson said that “Swedish interests have never been more threatened than now”. Conclusion The election victory of Geert Wilders raises concerns for Dutch interests in the Netherlands and around the world, given his openly anti-Islam rhetoric and policies against asylum-seekers. Dutch companies, citizens and broader interests could be targeted. As the outcome of the coalition negotiations is yet to be seen, definitive consequences are hard to estimate at this time. However, vigilance and a recognition of the vulnerability of Dutch interests abroad are recommended.

Aircraft Manufacturers have a proven history of converting commercial airliners into military aircraft. This started during World War II where aircraft like the Douglas DC-3 airliner was converted to a C-47 Cargo transport and later on as an AC-47 ‘Gunship’ and EC-47 Electronic Warfare. Another well known example is the Boeing 707 airliner into the E-3 Sentry AWACS and KC-135 Airborne Tanker used by the USAF. Over the past decade, there has been a growing military interest in a distinct sector of civilian aviation, namely business aviation. This leads to a rising aviation security concern in the Misidentification of Business Aircraft perceived as a Military aircraft. Traditionally the Business Aviation aircraft were mainly used by the military for VIP transport, but along the way some types have been modified for Airborne Intelligence, Surveillance, Reconnaissance, Electronic Warfare, Special Operations Support, etc.. Additionally, unlike bespoke military aircraft, modified business aircraft have two other advantages: a global pool of spare parts and an extremely high dependability in comparison to military aircraft. With the current number of conflicts growing world wide, more and more business aircraft are being used by the military. Especially in the Middle-East, Black Sea, Baltic States and around Taiwan. The risk of Misidentification is growing rapidly. There are also companies that support the military through Contractor Owned, Contractor Operated (COCO) Intelligence, Surveillance & Reconnaissance (ISR) operations in support of DoD entities and USG agencies. An example of this is the United States Special Operations Command (USOCOM) that uses subcontractors that operate a fleet of COCO ISR aircraft like the Bombardier Challenger 605 and the Challenger 650 Aerial Reconnaissance and Targeting Exploitation Multi-Mission Intelligence System (ARTEMIS). These aircraft are flying regular missions along the Poland-Belarus border to monitor Russian ground force activities. As well as in the Indo-Pacific theater in support of U.S. Special Operations Command Pacific (SOCPAC). The Bombardier Challenger 650 technology demonstrator is outfitted with the ARTEMIS multi-sensor surveillance suite. (Photo: via U.S. Army) Such are the similarities between some military and corporate jets, it is not always easy to tell them apart. Some examples; Civil type Military type Mission role Gulfstream G550 EC-37B Compass Call Electronic Warfare C-37 A/ B VIP / Special Air Mission Bombardier Global Express 6000 E-11 BACN Battlefield Airborne Communications Node Bombardier Challenger 605 Challenger 605 ARTEMIS intelligence, surveillance, and reconnaissance Learjet 35A C-21 pax and cargo airlifts. Dassault 900LX Envoy IV CC Mk1 VIP transport by the RAF (The Global 6000 /E-11 BACN ,Battlefield Airborne Communications Node USAF photo) Misidentifying a business aircraft as a military aircraft can have serious consequences, as it may lead to harassment by hostile actors in international airspace, intercepts and potential shootdown, confusion, or even security concerns. Here are some potential reasons for such misidentifications and steps to prevent them: Reasons for Misidentification: Similar Appearance: Some business jets may have a similar appearance to certain military aircraft, especially if they share design features or are painted in similar colors. More and more COCO ‘Business’ aircraft are being used and flown near airways operated by the regular business aircraft. The radar signature as well as the exterior look alike, the flight profiles differ as these often fly large holding patterns or ‘zig-zag’ patterns. Lack of Information: Limited or unclear information about the aircraft, especially in situations where radar or other identification systems may not provide detailed data. Communication Failures: Miscommunication or lack of communication between air traffic control (ATC) and military authorities. Or between ATC and the Business aircraft. Another scenario is that a Business Aircraft experiences an enroute problem for which it enters a holding to troubleshoot the situation. If this is not properly coordinated with ATC, the holding pattern of the business aircraft can look similar to the operational flight condition of a ‘military’ aircraft that often flies holding patterns when conducting their mission. Flight plan / Flight plan deviation Due to GPS Spoofing or navigational equipment failure. Use of similar flight numbers with multiple digits, which change with each landing and take-off made in the course of a day, will likely continue to cause flight number designation errors by both pilots and controllers. In selected circumstances, this could lead to misidentification of aircraft. What happens when you get intercepted by a military aircraft? Most military forces have a standard intercept protocol. Air Defense Sectors monitor air traffic and could order an intercept in the interest of national security or defense. Intercepts during peacetime operations are vastly different from those conducted under increased states of readiness. The interceptors may be fighters or rotary wing aircraft. The reasons for aircraft intercept include; Identify an aircraft; Track an aircraft; Inspect an aircraft; Divert an aircraft; Establish communications with an aircraft. Approach Phase. As a standard protocol, intercepted aircraft are usually approached from behind. While it is common for interceptor aircraft to operate in pairs, there are instances where a single aircraft may carry out the intercept operation. The intercepting aircraft bears the responsibility for ensuring a safe separation between itself and the intercepted aircraft, and this separation will be diligently maintained throughout the operation. Identification Phase. Interceptor aircraft will commence a controlled approach toward the target aircraft, maintaining a distance no closer than deemed necessary for positive identification and the collection of essential information. Additionally, the interceptor may conduct a flyby of the intercepted aircraft while obtaining data at a distance considered safe, taking into account the performance characteristics of both aircraft. Post Intercept Phase An interceptor may make efforts to establish communication using standard ICAO signals (ICAO Annex 2; Rules of the Air). In situations where time is critical and an immediate response is required from the intercepted aircraft, or if the intercepted aircraft remains non-compliant with instructions, the interceptor pilot may initiate a divert maneuver. During this maneuver, the interceptor will fly across the flight path of the intercepted aircraft, maintaining a minimum separation of 500 feet and starting slightly below the intercepted aircraft's altitude, in the anticipated direction of the intercepted aircraft's turn. While crossing the flight path, the interceptor will rock its wings (during daytime) or flash external lights/select afterburners (at night). Following this, the interceptor will roll out in the expected direction of the intercepted aircraft's turn before returning to confirm compliance. The intercepted aircraft is expected to execute an immediate turn toward the intercepting aircraft. If the aircraft of interest fails to comply, the interceptor may conduct a second climbing turn across the intercepted aircraft's flight path, again maintaining a minimum separation of 500 feet and starting slightly below the intercepted aircraft's altitude. During this maneuver, flares may be deployed as a warning signal for the intercepted aircraft to comply immediately, turn in the indicated direction, and leave the area. The interceptor is responsible for ensuring safe separation during all intercept maneuvers, with a paramount focus on flight safety. Preventive Measures: Perform a Risk Assessment concerning the planned flight route prior to the flight, related to overflight risk, conflict zone update, military exercises in the area of your planned route. Therefore monitor airport and airspace-specific notices, bulletins, circulars, advisories, prohibitions and restrictions prior to departure. Check if the departure and destination airport are also (frequently) used by COCO aircraft. Enhance communication protocols between ATC and military authorities to ensure accurate information exchange and identification of aircraft. In the event of a communication failure make sure to follow the correct ‘loss of communication’ procedures. That the correct transponder code and flight ID is set. Make sure that the flight crew and operations crew are trained on a recurrent basis Security Awareness, ‘how do I look to the outside world’ and training to maintain familiarity with the preventive procedures as well as the loss com procedures. These can consist of the company SOP’s, aircraft manufacturing procedures and ICAO Annex 2; Rules of the Air. Confirm the identity and authority of the passengers (high profile ‘target’ passengers for the countries the flight will overfly) reroute the flight plan when required.