In relation to the long-term identified security threats and their sources, a higher dynamic of the development of threat levels indicators1) was recorded in the assessed period compared to the previous period.
In the evaluated period, the most significant changes in the threat levels indicators were recorded in the following areas: development of military capabilities of foreign powers2), cyber-attacks and activities of foreign intelligence services. In the above mentioned areas, there was an increase in the risk rate compared to the previous period.
The main intelligence effort was focused on the gathering and evaluation of information related to combat power potential of foreign powers, development of the strategic military capabilities (including weapons of mass destruction), advanced weapon systems, information/psychological operations, strategic propaganda, foreign intelligence activities and cyber-attacks of security actors.
Regarding cyber-attacks, previous assumptions have been confirmed. The driving factors dramatically shaping the field of cyber security are: advances in the field of artificial intelligence, rapid and qualitative technological advancements and the growing number of organized hacker groups and activities.
The increase in relation to the issue of foreign intelligence activities is mainly related to the growth of tensions and the dynamics of competitive relationship development between security actors.
Heightened tensions are one of the factors which motivate key security actors to further develop their military capabilities.
In connection with increasing the military capabilities of security actors, the issue of cyberspace and foreign intelligence services was therefore monitored and evaluated particularly in terms of links and relations with the so-called hybrid way of conducting combat activities. In this context, specific attention has been paid to security actors, which have seen an increase in combat potential compared to the previous period.
High attention was also paid to the issue of extremism and the activities of Slovak paramilitary and militant groups.
In relation to the issue of extremism a conceptual change in the approach and the way of realization of their activities was confirmed. The risk level related to this threat stagnated in the period under review.
High attention was paid especially to the monitoring of indicators of paramilitary and militant oriented groups interconnection with extremist issues, issues of influence and activities of foreign powers, or foreign intelligence services. The efforts of these entities to establish themselves in politics, forms and methods of their promotion and cooperation with similarly oriented domestic, as well as foreign actors were also evaluated. The level of risk in relation to this threat increased slightly.
On a regular basis, the capabilities of the Slovak Armed Forces were monitored and evaluated in accordance with applicable legislation (including the issues related to the military industrial complex, development of combat force and building of their own combat potential). Additionally, the negative effects of propaganda at a strategic level, terrorism, migration processes, activities of individuals or organized groups in relation to defence department, efforts to obtain classified information by unauthorized persons and illegal proliferation of weapons systems, weapons and military technologies (including weapons of mass destruction) were monitored and evaluated as well.
As of December 31, 2018, the number of the Military Intelligence (hereafter as MI) personnel was 61.37% of the planned number. MI has 81 % of professional soldiers and 19 % of public service employees, of whom 78% are men and 22 % are women. The average age of MI personnel is 42, with 35.5 % under 40 years of age. The rate of personnel with higher education (including the first level of higher education) is 77%.
The billing list of the Ministry of Defence chapter administrator drew up binding indicators for MI for the 2018 budget in the area of revenues the amount of 49 000 EUR and in the area of expenditures the amount of 51 379 080 EUR. In the period from 1 January 2018 to 31 December 2018, altogether 22 budget measures were implemented by the chapter administrator of the Ministry of Defence, adjusting the total budget expenditures limit to 76 217 504 EUR.
In 2018, MI processed and provided 375 intelligence products to eligible users and contracting entities. Of these, 150 were intelligence information, 16 summary intelligence, 209 intelligence exchange products to partner intelligence services, and 44 specialized open source products provided to NATO.
In the evaluated period, MI continued in its efforts to develop new capabilities connected mainly with cyber defence. Based on the Act no. 69/2018 of the Collection of Laws on cyber security and on the amendment and supplementation of some acts3), the Centre for Cyber Defence of the Slovak Republic (hereafter as Centre) was established and constitutes a special component of MI fulfilling tasks in the field of defence of the state in the cyberspace domain. As part of its legal activities, the Centre focuses on detecting activities of state and non-state actors in cyberspace, with an emphasis on monitoring and analysing their activities, capabilities and methods of operations. The Centre is entitled to inform the entities concerned about the current threats and to propose and implement appropriate security measures. A part of the Centre is also the military computer security incident unit CSIRT.MIL.SK (Military Computer Security Incident Response Team Slovakia), which was successfully accredited by the Trusted Introducer certification authority on February 12, 2018 and gained full membership of the CSIRT / CERT TF- Task Force of Computer Security Incident Response Team. CSIRT.MIL.SK gains insight into the safety of the supervised infrastructure, detects system vulnerabilities in time, recognizes unwanted activity in the network, responds adequately to security incidents, and enhances the expertise and security awareness of the Ministry of Defence employees through systematic training.
In addition to the above-mentioned processes, in the area of asymmetric threats, the approval process the of the Slovak Republic membership in NATO Centre of Excellence for Strategic Communication (CoE STRATCOM NATO) was successfully completed at the end of the evaluation period. Since 1 January 2019, the Slovak Republic became a full-fledged member of the organization.
In the period from January 1st, 2018 to December 31st, 2018, MI submitted a total of 58 requests for consent to relevant legal judges to use information-surveillance devices. 57 requests for consent were approved and 1 was rejected by legal judges to use the information-surveillance devices. Of the total number of 57 written approvals issued by the legal judges for the use of information-surveillance devices, the purpose and objective of lawfulness in all 57 cases was met.
In the period from January 1st, 2018 to December 31st, 2018, MI submitted a total of 17 extension requests to legal judges for consent to use information-surveillance devices. 16 extension requests for consent were approved and 1 was rejected by legal judges to use the information-surveillance devices.
There was no unlawful use of information-surveillance devices in either of the cases.
The intelligence activities of MI were mainly focused on obtaining and evaluating information related to the build-up and development of armed forces. In particular, the issue of preparation and implementation of significant defence development projects. Priorities remained unchanged compared to the previously assessed period.
In the field of retaining existing capabilities, the intelligence activities were standardly focused on monitoring, reporting and evaluating processes and activities covering the preparation and elaboration of the defence sector strategic documents (including Alliance related documents), planning processes, preparations, training and staff replenishment. Particular attention was paid to the preparation of intelligence documents for developing and updating the Plans for the Use of the Armed Forces on the Strategic Level in the context of Alliance operations.
Other areas of interest were issues related to the operational use of weapons, equipment and materials, research and development. Special focus of attention was aimed towards the moral and physical obsolescence of combat equipment, the termination of the technical life cycle and technical renewal of materials, gear and equipment and, difficulties with the supplies of spare parts, public procurement, and the provision of service, repairs and overhauling within and outside of the defence department.
Emphasis was also put on collecting and evaluating information about the problematic area dealing with the human resources agenda.
In relation to the participation of the Armed Forces of the Slovak Republic in international crisis management operations - NATO, the EU, the Organization for Security and Co-operation in Europe and the United Nations, the security situation in the areas of deployment of the Slovak Armed Forces troops abroad was continuously assessed. Special attention was paid to intelligence coverage of the preparation phase of the units prior to their deployment and to the intelligence support of the commanders of the Slovak Republic contingents in missions abroad.
Security challenges and negative trends of development in problematic areas identified in the last report still prevail. Among others, the security challenge remains in the field of strategic communication of the Ministry of Defence in relation to society and a wide range of other target groups. The negative trend of human resource replenishment and dealing with negative trends in relation to narcotics and psychotropic substances, radicalism and extremism persists. A slight increase in the level of risk was recorded in connection to the field of narcotics and psychotropic substances.
There were no changes related to the increased trends of interest in the personnel of the Slovak Republic Armed Forces by paramilitary and criminal structures and foreign intelligence services. No significant activities were recorded, neither on the social networks nor in the media in the assessed period (rather stagnation) in relation to the hybrid warfare method of conducting combat operations and information and psychological operations activities against the armed forces personnel as one of the target groups. Compared to the previous assessment period, no significant changes in this field, in relation to the contribution of the Slovak Republic in international crisis management operations, were observed either.
In relation to the participation of the Slovak Armed Forces in operations abroad, the threat of attack by militants infiltrated into the friendly forces persisted (“green on blue attacks”).
Besides the aforementioned issues, evaluation of the combat potential of the foreign armed forces, the security situation in Ukraine and selected countries in the Western Balkans and the Middle East was made. Emphasis was placed on existing or potentially conflicting areas, where the worsening of the security situation has the potential to be a source of tension escalation in the region, with a subsequent spillover effect to neighbouring countries and, eventually with consequences on the security and protected interests of the Slovak Republic.
Intense attention was paid to the assessment, and notably, to the negative trend in the observance the international contractual obligations in the field of arms control and disarmament. The system of contractual obligations in the field of arms control and disarmament is one of the pillars of the European security architecture, as well as the basic guarantee of security in a global security context. Several indicators of substantial disruption of this system were detected during the assessed period. In particular, several warning problems are linked to the emergence of the threat of an arms race in a global context. The size of this threat was assessed as low by the end of the evaluated period.
In this context, intensive monitoring and evaluation of activities of a relevant security actor was conducted on the eastern strategic operational direction. In the assessed period, the level of combat force and combat potential of this actor were assessed as increased. While the combat potential of this actor has increased more than its combat force (i.e. it is a substantial qualitative and not a quantitative change), the increase in its combat force is not assessed as strategically decisive. This security actor possesses strategic nuclear weaponry capabilities, and its combat potential has increased in several areas. In this context, the most significant increase can be seen in the different levels of hybrid warfare capabilities, Special Forces (including intelligence agencies), cyber capabilities (especially in the domain of artificial intelligence), technologically advanced weapon systems, communication systems, electronic warfare systems, and mobility. Substantial increase and capabilities improvements were also observed in the field of mobilization replenishment and crisis management. In addition, the actor is also able to implement gained experiences from foreign military operations into the system of training, exercises and operational procedures of its own troops. The threat level of a military nature originated by this actor against the security of the Slovak Republic is currently assessed as low. However, it cannot be ruled out that the size of the threat/or the risk rate will change (a negative trend is predicted) depending on the level of tension between key security actors, the dynamics of the development of their competitive relationships and other factors
The negative trend of development in conflict areas was monitored and assessed also in relation to the issue of migration (especially with regards to internally displaced persons in Ukraine, development of the security situation in the separatist regions of the country, development of the security situation in the Middle East and North Africa regions, changes in migration routes, the intensity of their exploitation and cross-border criminal activities). In addition to the aforementioned, increased attention was paid to the area of illegal and so-called pseudo-illegal migration. Besides the regular means of illegal border crossings, sophisticated, so-called pseudo-illegal ways are being organized. Such methods include, for example, obtaining a residence permit through establishing a company or purchasing a registered company in the Slovak Republic and through sham marriages (marriages of convenience). In this area, intensive cooperation and support is provided at the operative and information level to the relevant units of the Police Corps of the Slovak Republic and the Ministry of Finance of the Slovak Republic.
In the assessed period, the evaluation of the negative effects of propaganda at the strategic level and the activities of foreign intelligence services against protected interests of the Slovak Republic continued. Intelligence information was continuously provided to relevant end-users of the Slovak security sector.
In the context of the negative effects of propaganda at the strategic level, systematic and targeted dissemination of specific narratives was recorded in the long term. It does not solely concern the narratives, whose objectives are in disrupting the cooperative cohesion between EU and NATO, or those that are founded on „Slavic history“ historical optimism. Ideologically based narratives are mainly observed, respectively, those narratives that exploit so-called social division lines4), with conflict potential (so-called conflict predisposition). The greatest challenge, in relation to strategic propaganda, remains in the precision of a systemic definition of warning problems related to strategic propaganda and the establishment of a set of reliable indicators necessary for an objective assessment of this threat. The need for its framing lays in the difficulty distinguishing the reliability and objectivity of narratives. There are, for example, narratives, which are the result of targeted harmful activities of external security actors and narratives, which are the result of a polarized society and are the natural outcomes of legitimate social or intrinsic processes, or merely, the natural consequence of seeing the world by individuals or social groups. Omitting this type of framing would not provide the tools to set up appropriate strategic communication or adopt additional effective countermeasures.
In the field of protection of the defence department against activities of foreign intelligence services, the activity of MI was also focused on detection, reporting and prevention of intelligence activities of foreign powers. Active measures were taken to eliminate foreign intelligence activities. In the assessed period, there was a documented case where a person was legally operating in the territory of the Slovak Republic as a member of the diplomatic corps accredited to the Slovak Republic. The activities undertaken by this person in our territory posed a security threat against the protected values and interests of the Slovak Republic. The activities and operations were assessed as irreconcilable with the provisions of the Vienna Convention on Diplomatic Relations. By the end of the assessed period, for the above reasons, the person was declared person non-grata by the Ministry of Foreign Affairs and European Affairs of the Slovak Republic (hereafter as MFaEA) and expelled. In the recorded cases, intensive co-operation with partner intelligence organizations was undertaken within the assessed period.
In the field of counter-terrorism, no major changes were detected in comparison to the previously assessed period. The threat of terrorism, however, remains. During the assessed period, no indicators were identified that would significantly or negatively influence its scope (or degree of risk). Activities were focused on the evaluation of threat indicators of terrorist attacks against the Slovak Republic, particularly those against personnel, premises and facilities of the Ministry of Defence. Specific attention in this area was paid to the threat of a terrorist attack against Slovak Armed Forces contingents deployed abroad (in particular in the Resolute Support Mission in Afghanistan). During the assessed period, continuous effort was made to identify active, as well as passive supporters of jihadi groups, to monitor local and foreign risk communities with ties to Slovak Armed Forces personnel, or Slovak citizens with ties to the Ministry of Defence. Obtained information was shared within the scope of the Expert Group for the Coordination of Exchange and Analysis of Information and Cooperation in the Fight Against Terrorism, with foreign partner organizations and via the National Security Analytical Centre (hereafter as NBAC). Furthermore, on-going attention was given to the monitoring and analysis of jihadi propaganda throughout various social media.
During the assessed period, threats pertaining to cyberspace were also monitored, analysed and assessed. This concerned mainly cyber incidents, or rather, attacks and the activities of numerous hacker groups5) with a possible impact on the civilian and military communication and information systems of the Ministry of Defence and the Slovak Republic connected to the internet. Numerous intelligence was collected, together with partner intelligence organizations, indicating attacks against public and state information or communication systems using malicious code resembling advanced persistent threats6). In the case of hacker groups, intelligence was obtained pertaining their structure, focus of activities, possible support from state/non-state actors and on-going cyber campaigns in which they took part in. With reference to the tactics, methods and procedures used in cyber operations, new forms of activities and capabilities using various types of vulnerabilities were monitored.
Phishing attacks7) detected in information and communication systems connected to the internet were the most investigated incidents. Within these activities, numerous serious intentional and unintentional breaches of internal security protocols by the employees of the Ministry of Defence were identified. These resulted in the endangering of the security against information systems and unclassified, internal information that was processed within them8). In all discovered cases, relevant measures were taken in order to eliminate the effects of the security incidents, with emphasis applied to briefing the users and to prevent their repeated occurrence.
The most serious incident, in the cyber security domain, during the assessed period was the compromise of the unclassified network of the MFaEA. The nature of the attack, modus operandi, tactics, and capabilities used in the attack were identified in other cyber campaigns as APT15. The source of this threat is a sophisticated group of attackers, which is highly likely to be supported by a foreign state power and acts in its long-term favour. Based on analytic procedures and obtained digital fingerprints, it was discovered that infiltration was carried out with the intent of perpetrating cyber espionage and theft of internal and non-public information. The investigation of this incident is on-going and appropriate countermeasures are being applied.
During the assessed period, apart from the above mentioned incident, specific cyber-attacks against state institutions and political parties were identified. These attacks were related to the development of the internal political situation in the country. In late February and early March of 2018, three (3) waves of attacks on the webpages of the Government of the Slovak Republic and the Ministry of Interior of the Slovak Republic were perpetrated. The attacks caused a temporary unavailability of the webpages services. During this period, the group „Anonymous Slovakia“, together with the group „Darkstain“ claimed responsibility for the attacks via the social media platform Facebook.
In the field of fight against extremism, no major changes were detected. The threat of extremism, however, remains. During the assessed period, no indicators that would significantly or negatively influence its scope (or degree of risk) were identified. The negative trend, assessed in the previously reported period, regarding the increase of supporters which are openly or covertly inclined towards extreme views and ideologies (particularly neo-Fascism and neo-Nazism), mostly stagnated.
The activities of Slovak paramilitary and militantly – oriented groups were intensely monitored. Attention was focused primarily on the activities of persons with ties to the Ministry of Defence of the Slovak Republic, which are providing gained knowledge and capabilities to the benefit of such groups. The activity of these groups is assessed as a potential security threat primarily in relation to the internal security environment. In relation to this, it cannot be ruled out that in the future, individuals, movements, political subjects or external security actors could exploit such paramilitary groups in order to enforce or push ideas and promote interests which are not in accordance with the parliamentary democratic foundation of the state. During the assessed period, indicators of connections of such groups with the activities of intelligence services and foreign powers using hybrid warfare strategy were also evaluated. The obtained information confirms long-lasting presumptions, as the number of such indicators once again slightly rose during the assessed period. Also confirmed are the presumptions in relation to the change of operations within the paramilitary and militantly-oriented groups on Slovak territory. During the assessed period, substantial intensified attempts to establish such subjects in politics were identified. The methods and forms of their propagation, as well as their communication outwards in relation to society, are also changing. Furthermore, activities, which strive to increase the sympathizer and supporter base of these groups in the future were also identified. Their cooperation with similarly oriented local, but also foreign actors is continually being identified. The intensity or scope of this cooperation was, in comparison to the previously assessed period, higher between certain subjects. Relevant intelligence was provided to the authorized users.
With reference to the issues of detrimental sectarian groups and infiltration of such groups into the Ministry of Defence of the Slovak Republic, no such activities were recorded during the assessed period. Activities of sects posed no security threat to the tasks fulfilled by the Ministry of Defence of the Slovak Republic.
In the field of organized crime, illicit possession of arms, illegal trafficking of military ammunition, explosives and drug offenses, several cases that were committed by members of the Slovak Armed Forces were repeatedly reported. In the process of implementation of appropriate actions, cooperation with relevant departmental bodies and non-departmental entities was established (especially in the areas of illicit arming and drug-related crimes). A set of intelligence and coordination measures were taken in all the cases that led to a criminal law settlement. In the field of drug-related crimes, repeatedly, a subtle increase number of cases of narcotic and psychotropic consumption by members of the Slovak Armed Forces was recorded.
Increased attention was paid to the issue of illegal arms and ammunition possession, which originated from within the military environment. A case with regard to illegal possession and sale of ammunition that originated in the Slovak Armed Forces was recorded. The case concerned illegally acquired signal ammunition coming from the stock of the Slovak Armed Forces and was probably obtained in order to be (illegally) re-operationalized. Banned search using a metal detector for unexploded WWII ammunition in the same case was also recorded. Another recorded case was related to offering a larger amount of automatic weapons and related ammunition for sale by a member of the Slovak Armed Forces. In this particular case, the weapon suppliers were also identified. Unconfirmed intelligence was also obtained in the case of the perpetrator\'s connection with persons from the criminal environment and with committing organized economic crime. Other criminal activities during the assessed period were also recorded, of which the most severe were in the field of illegal fuel sales from various units of the Armed Forces of the Slovak Republic to civilian entities. All information obtained on the illegal activities was provided to competent law enforcement authorities. During the assessed period, the collection and exchange of information on the activities of persons and organized crime groups in the Western Balkans region was also addressed. The main types of activities of these groups were the illegal trading of fuels, weapons and drugs, and also the illegal transport of migrants through the so-called Balkan Route to Western Europe. A set of regular intelligence and security measures in cooperation with the Slovak Police Corps was implemented in the area of cross-border crime on the Slovakian – Ukrainian state border. Further findings regarding attempts of disruption of the Slovak airspace on the Slovakian – Ukrainian state border by organized crime groups were obtained.
MI, in accordance with existing legislation, regularly evaluated information on exports and re-exports of military goods by Slovak business entities. Within this scope, the evaluation was focused on the connection of the Slovak business entities activities with Slovak manufacturing and trading companies in the exports and re-exports of military goods. Intelligence measures were taken to obtain early information on conventional arms, weapon systems and military material trafficking that could be exported to conflict areas and serve to promote terrorism, or be used in local military conflicts.
In the field of exports and re-exports of military goods, information was gathered using intelligence activities concerning a group of people conducting brokerage activities in the process of trading goods with military defence companies missing valid permission from the Ministry of Economy of the Slovak Republic. Some of the military products (engines, explosives) originated in the Russian Federation, with imports of such commodities limited by international sanctions. The group intended to import commodities through so-called third countries. The gained intelligence was regularly provided to the state administration authorities for further use and for the adoption of adequate measures.
Within the framework of protection of the military and economic interests of the Slovak Republic, intelligence activity was focused mainly on measures aimed at fulfilling financially demanding contracts with focus on the possible inefficient handling of funds, non-fulfilment of obligations under the subject of contracts, possible corruption and favouritism behaviour with a negative impact on the protected interests of the Slovak Republic. The monitoring of the implementation of terms and conditions of projects related to research, development and procurement of armoured combat vehicles and multi-purpose tactical vehicles, ongoing system integration and modernization of DELOSYS artillery fire-control system, acquisition of radar equipment and completion of contracts for delivery of UH-60M BLACK HAWK helicopters continued.
In the area of the protection of classified information, six (6) suspected cases of unauthorized manipulation with classified documents and eighteen (18) violations of the protection of classified information were recorded during the evaluation period. Three (3) cases of offences were forwarded to the National Security Authority of the Slovak Republic. The cases clarification of violations was conducted by MI in cooperation with the Military Police of the Slovak Ministry of Defence.
In 2018, a total of 2683 security clearance applications were received. The security vetting process was finalized in 1779 cases and proposed to the National Security Authority of the Slovak Republic. The vetting process was terminated in accordance with the legislation in 70 cases. MI carried out 1636 security inspections in regards to the security vetting and administered more than 37 500 requests to other state authorities, municipalities and legal entities. A total of 8034 administrative and registration tasks related to the issuance of 2678 security certificates were completed in the process of evaluation of NATO and EU certificates for authorized personnel within the competence of the Slovak Ministry of Defence. The number of NATO and EÚ certificates granted by the National Security Authority of the Slovak Republic to employees of the Ministry of Defence of the Slovak Republic increased significantly. MI prepared and finalized 10 318 reports with regard to the right to be acquainted with and the cessation of authorisation for acquaintance with classified information. MI participated in the process of performing security vetting of persons carried out by the National Security Authority of the Slovak Republic by providing 2648 written submissions on the requests submitted in accordance with the Act on the Protection of Classified Information.
A total of 12041 responses to checking records and data requirements were processed during the assessed period (6200 from within MI organizational units, 3212 from the Slovak Information Service and 2629 from the National Security Authority). In addition, MI processed 3516 checking records and data requirements and addressed them to the Slovak Information Service and the Police Corps.
In the field of physical and premises security, the tasks of assessing the real condition, accuracy and completeness of safety documentation and its amendments were continuously fulfilled. In addition to the aforementioned tasks, the methodological and preventive-educational activities and cooperation with the National Security Authority were provided in this area.
During the assessed period, MI participated in the activities of the NBAC and various interdepartmental expert bodies and groups as a part of inter-ministerial cooperation.
In the framework of bilateral and multilateral cooperation, MI carried out a total of 40 activities in the Slovak Republic and abroad.
One example of cooperation with NATO member countries during the evaluated period is the NATO Science for Peace and Security Program. As part of this program, a team of experts, led by Professor Grošek, a member of MI and a Director of the Institute of Informatics and Mathematics of the Slovak University of Technology in Bratislava, prepared a project called the Secure Implementation of Post-Quantum Cryptography. In November 2018, this project was evaluated as the best one out of the 100 considered projects in the NATO Cyber Defence category for the past decade.
During the assessed period, MI signed Memoranda on Mutual Cooperation with partner services from the Visegrad Group (V-4) countries. The aim of the memoranda is to develop cooperation aimed primarily at sharing information on current threats and exchanging experience related to security incidents in cyberspace. The memoranda also include co-operation in the preparation of joint cyber exercises with the Czech Republic, as well as training for countries that aspire to join the EU and NATO or are working closely with them.
- 1) The level of risk, the motivation of the actors or their capabilities.
- 2) The armed forces of states which may, in relation to the interests of the Slovak Republic and its international commitments in the military field represent a potential adversary.
- 3) Also included are amendments to Act no. 198/1994 Coll. on Military Intelligence, Act no. 319/2002 Coll. on Defence of the Slovak Republic, which together form the legislative framework for cyber defence.
- 4) The basic dividing lines include, for example, the centre / periphery, state / people (citizens) and power elite / people (citizens), state / church, religious (rival confession), regional (regional differences), ethnic (ethnic rivalry), ideological (ideological division of society). Specific dividing lines include, for example, asymmetric threats and their detrimental effects, military activities of the state, significant non-state actor activities, proliferation of weapons, weapon systems and militarily exploitable technologies, non-intentional threats (natural disasters, technological and industrial accidents, pandemics), weaknesses of government, migration, problematic relations with neighbours, transformation of armed forces, acquisition projects and so on.
- 5) In particular groups that are supported by state and/or non-state actors, but also those with a criminal background.
- 6) So-called APT (Advanced Persistent Threats).
- 7) Emails, which deliberately attempt to obtain sign-in information from users into various internal systems. Using this type of attack, the attackers mostly use social engineering, where they attempt to come across/approach the user as an authority (administrator, helpdesk) or as a trustworthy subject (as a company, e.g. Microsoft, a bank or a state institution). Most of these emails contain infected attachments, or a link to a webpage, where the users insert their sign-in (personal) information. Attached files often contain malicious code called ransomware, which encrypts and subsequently deletes available data on the workstation and (on behalf of the attacker) requires financial payment for its deciphering.
- 8) Not concerned with information, to which the provisions of the law on the protection of classified information apply