Germany's Responses to Large Scale Malicious Cyber Incidents and Opportunities for AUS-GER future cooperation
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
ANALYSIS Germany’s Responses to Large Scale Malicious Cyber Incidents and Opportunities for AUS-GER future cooperation Julia Schuetze, Project Manager Stiftung Neue Verantwortung, Berlin November 2019 About the Author Julia Schuetze is the Project Manager for to SNV, she worked at Wikimedia Deutsch- International Cyber Security Policy at land e.V. and has researched at the Berk- Stiftung Neue Verantwortung e.V. Her re- man Klein Center at Harvard University. search focus is on joint responses to mali- She holds the Euromaster Transatlantic cious cyber activities, specifically on cyber Track degree from University of Bath with diplomacy of the European Union with the stops at UW Seattle and HU Berlin. Her United States and Japan as part of the EU bachelor thesis at the University of Stirling, Cyber Direct project. She is a Cybersecurity ‘Germany’s cyber security awareness pro- Policy Fellow at New America Foundation. gramme: Lessons from the US’, was tutored She has organized several workshops and by the German Federal Office for Informa- events with cybersecurity experts from the tion Security (BSI). She was also an intern U.S., EU, Japan and Germany in Washington at the Washington DC office of the Kon- D.C., Berlin and Tokyo to enhance interna- rad-Adenauer-Foundation in 2014. tional cooperation on cybersecurity. Prior PAGE 22 THE PERISCOPE SERIES / VOLUME 3 / 2020
Large scale malicious cyber incidents have been on the rise. Classi-
fied as such are malicious activities with “significant impact1” that
seek to undermine political integrity, national security and eco-
nomic competitiveness, with the eventual risk of conflict.
Germany’s Federal Office for Information to respond to large scale malicious cyber
Security (BSI) brings out a report about activities, such as NotPetya. Most govern-
the state of IT-security every year. In 20192 ments focus on the one hand on address-
it presented a threat situation affecting ing the vulnerabilities and aim to increase
Germany, highlighting the increased risk resilience and cybersecurity, so those inci-
of such large scale malicious activities dents cannot cause that much damage. On
that mirror two of the most consequen- the other hand, governments are trying dif-
tial cyber incidents of 2017 WannaCry ferent strategies to influence the behavior
and NotPetya. Take NotPetya, a Ransom- of threat actors to punish them or prevent
ware attack 3 that exploited a widespread them from executing such incidents in the
vulnerability in Microsoft affecting coun- first place. The discussion on responses to
tries around the world and caused huge malicious cyber activities spans the whole
financial damage globally4 and impacted field of cybersecurity policy and becomes
Germany and Australia5. Since then, as more and more part of the traditional se-
BSI highlights in its 2019 report, more vul- curity and foreign policy debates. This is
nerabilities were discovered, such as in a because governments use a whole range
widely used chip hardware6. Ransomware of different policy instruments (military,
attacks are still on the rise, a new form regulatory, financial, technical, organiza-
called Emotet has already affected German tional and diplomatic) to respond to mali-
businesses and cities, halting services and cious cyber activities. Countries cannot do
production7. Moreover, digitalisation and this in silos. Especially threats and vulnera-
digital dependability increase the effects of bilities that cause large scale incidents, like
large scale attacks and widespread vulner- NotPetya are global and therefore affect
abilities. The effects are made worse due the cybersecurity of many countries. Ac-
to the automation of attacks and therefore cordingly, the global cybersecurity environ-
they could spread even more quickly glob- ment can be strengthened or weakened
ally and create massive economic dam- by actions taken by other governments. It
age; or in case of autonomous driving or can be weakened, for example if govern-
attacks on medical devices, risk the health ments are using cyberspace as a means to
of people8. Moreover, the wider use of AI achieve strategic geopolitical goals, such as
as a technology also bears new risks as damaging another country through a cyber
AI can be hacked and has its own unique attack as was found to be the case with
vulnerabilities9. NotPeyta10. This can weaken cybersecurity
Recognizing this threat landscape, gov- globally, since the vulnerabilities that are
ernments have found different answers exploited for such an attack are in soft- and
hardware that is used worldwide and thus
Analysis / Julia Schuetze PAGE 23makes other actors vulnerable. Moreover, Germany’s domestic architecture11 as well
if attacks are not targeted or executed as as the operational and foreign policy re-
a targeted attack, the attack can spread sponses taken individually and jointly with
quickly on its own, as was the case in Not- other countries. Looking at this closer im-
Petya, soon affecting many businesses proves the understanding of what Ger-
and public services in other countries. The many’s approach to cybersecurity is and
global cybersecurity environment can how- its measures taken in case of a large scale
ever also be strengthened through interna- cyber incident. It will moreover show some
tional cooperation. For example, countries divergences to Australian responses but
can assist each other in becoming resil- also opportunities for future cooperation
ient by sharing information about a threat with Australia.
quickly, working across borders with busi-
nesses on closing vulnerabilities that could Germany’s responses to large scale
be exploited for an attack. Those are just malicious cyber activities
a few of the examples why it is important
to think about the cybersecurity challenge Germany takes a whole of government ap-
with an international perspective. proach. This means that almost every fed-
eral governmental actor has some role in
Most countries therefore have by now set
Germany’s cybersecurity architecture12.
up a cybersecurity strategy that includes
The Federal Office for Information Security
their international engagements and
(BSI), responsible for Germany’s IT-Secu-
guides actions taken for cybersecurity or in
rity, specifically aims to complement this
cyberspace (see Australia, USA, Japan).
approach with a whole-of-society approach
Understanding Germany’s responses to as a form of governance that engages the
large-scale malicious activities allows us private sector, civil society, communities
to identify how Germany could work to- and individuals through different actions,
gether with Australia as the strategic goals such as information platforms or insti-
governments pursue as well as the policy tutional dialogues. In the BSI’s case, this
instruments that they are using can offer approach was chosen to strengthen resil-
opportunities and challenges for cooper- ience and increase it-security for society
ation affecting bilateral and multilateral and businesses more broadly.
relations with other governments and in-
When looking at the German government’s
ternational organisations.
responses to large scale malicious cyber
The difference in the Australian and Ger- activities, such as NotPetya in 2017, the
man government responses to malicious main government agency at the centre of
cyber activities can be best highlighted in Germany’s cybersecurity architecture, the
the NotPetya incident that triggered many Federal Office for Information Security
different political and especially foreign (BSI) is first and foremost responsible
policy responses. Although both coun- for the prevention and operational re-
tries were affected, their foreign policy re- sponse of such large scale incidents. To
sponses differed. This paper will examine prevent large scale malicious cyber activi-
Germany’s responses (and how it does ties the German government focuses on the
not respond) in comparison to other coun- protection of critical infrastructure as well
tries when it comes to large scale attacks as government agencies’ IT. This resulted
like NotPetya. The focus of the analysis is in a regulatory response by implementing
PAGE 24 THE PERISCOPE SERIES / VOLUME 3 / 2020the IT Security Legislation13 which demands as the federal police, the intelligence ser- a certain set of standards and reporting vices, the armed forces -- mainly aiming to mechanisms by critical infrastructure ensure a whole-of-government approach providers. In order to facilitate a close in operational response. Hence if a cyber and trustworthy relationship with its core threat occurs it is the place where the op- stakeholder groups, such as businesses erational response among different gov- and governmental agencies, the BSI uses ernmental bodies is coordinated. Any an institutionalized dialogue in the form information about the incident would be of a public private partnership, the Alliance accumulated there and every government for Cybersecurity (AfCS/ACS). The AfCS is a body represented would take appropriate network to share information on threats steps, such as investigation, information and protection mechanisms. In the case of gathering, technical assistance. This also NotPetya, BSI shared warnings and infor- occurred during the NotPetya incident16. mation on how to handle such an incident Germany works with international part- publicly as well as targeted by the AfCS14. ners on prevention of large scale incidents. It also does this preventatively as can be For example since NotPetya the German seen in a recent example when the BSI sent BSI has published together with its coun- out a warning about the hardware chip vul- terpart in France, the National Cybersecu- nerability to all members of the Alliance rity Agency of France (ANSSI), a common for Cybersecurity and gave instructions for situational picture that aims to inform protection15. Ideally, this is to prevent the the public but also helps the two coun- success of a large scale malicious activity tries be better prepared and learn from that could use this vulnerability. each other. It goes way beyond just infor- Another important element of Germany’s mation sharing. Such joint technical analy- response structure is the National IT Sit- sis can build a common understanding of uation Center (LZ) situated in BSI that threats and may be used by policymakers is tasked to create an analysis of the as a tool to inform their political analysis of threat environment for Germany and the situation and ultimately the responses evaluate cyber incidents for state and taken jointly. In their own words, the press private sector entities 24/7. In a situa- statement reads as follows: “Both agencies tion where an incident occurs experts at LZ agree that the threat situation concerning react and distribute their analysis accord- Ransomware is still alarming” and further ingly. In case of a large scale malicious ac- it states “the impact, however is different in tivity, the LZ can become a crisis center. BSI France and Germany, especially regarding may also gather and distribute information global WannaCry and NotPetya ransom- via their Computer Emergency Response ware campaigns in 2017. These different ex- Teams or Mobile Incident Response periences regarding the consequences of Team that in some very special cases may the same attacks in the two countries em- also provide technical assistance on the phasize the need to cooperate even closer, ground. For NotPetya and other larger in- e.g. sharing information and jointly analys- cidents, another institution becomes very ing cyber threats.”17 Hence joint technical important for mitigating and reacting to analysis is used in response to large scale the incident - the Cyber Defense Center incidents with the aim to prevent and learn (NCAZ/ Cyber-AZ). It is housed by BSI but from other governments. includes other government agencies, such Analysis / Julia Schuetze PAGE 25
Due to the rise of cyber incidents despite the development
of norms, the European Union has established a set of
response mechanisms, including most prominently the
so-called EU Cyber Diplomacy Toolbox which Germany
supported through the Council decision adopted in
June 2017.
Looking specifically at Germany’s foreign the protection of privacy. With a view to de-
policy responses, its engagement and dip- veloping norms of state behaviour and con-
lomatic efforts on cybersecurity, is centred fidence and security building measures for
traditionally around developing norms to cyberspace, they will work closely together
increase the stability of cyberspace, free- in international forums, particularly in the
dom of expression and building capacity UN Group of Governmental Experts.”19
in other countries. For this, the German Hence, the foreign office’s work has thus
Federal Foreign Office (AA) created an In- far mostly concentrated on prevention of
ternational Cyber Policy Coordination Staff large scale cyber incidents through norms
in 201118. The AA is also involved in the in coordination with other countries.
German Cybersecurity Council that gov- Due to the rise of cyber incidents despite
erns Germanys’ strategy. Notably, the AA is the development of norms, the European
not part of the Cyber Defense Center (Cy- Union has established a set of response
ber-AZ) and thus has no part in the oper- mechanisms, including most prominently
ational response in a large scale incident, the so-called EU Cyber Diplomacy Toolbox
like NotPetya. It rather aims to prevent a which Germany supported through the
large scale incident and increase the Council decision adopted in June 201720.
stability of cyberspace, by engaging in in- The EU Cyber Diplomacy Toolbox includes
ternational fora for norm building, such measures suitable for an immediate re-
as United National Group of Govern- sponse to incidents as well as elements
mental Experts (UNGGE) and the Open to encourage cooperation, facilitate the
Ended Working Group on Cyber Norms mitigation of immediate and long-term
(OEWG). This foreign policy response is threats, and influence the behavior of po-
done jointly with other countries, for exam- tential aggressors in the long term. These
ple since 2012 in strategic cooperation with measures range from diplomatic and po-
Australia noted in the Berlin-Canberra Dec- litical to economic actions to prevent, de-
laration of Intent on a Strategic Partner- tect or react to malicious cyber activities,
ship where it states in Article 11: “Australia including those that do not rise to the level
and Germany underline the importance of of internationally ‘wrongful acts’ but are
the Internet’s security, its freedom and its considered as ‘unfriendly acts’. This tool-
potential for development, and share the box includes foreign policy tools including
view that there should be an appropriate restrictive measures. Importantly, all those
balance between cyber security and access responses can only be implemented if all
to information, freedom of expression and member states agree. With reference to
PAGE 26 THE PERISCOPE SERIES / VOLUME 3 / 2020NotPetya, the Council passed the follow- 2018 at the Australian Cyber Security Cen- ing conclusion21 that Germany supported. tre (ACSC) Conference in Canberra22. The The conclusion reads: “The EU firmly con- governments of the US, the UK, Denmark, demns the malicious use of information Lithuania, Estonia, Canada, and Austra- and communications technologies (ICTs), lia called out Russia in official statements. including in Wannacry and NotPetya, which Official statements of support came from have caused significant damage and eco- New Zealand, Norway, Latvia, Sweden, and nomic loss in the EU and beyond. Such Finland. “That had followed also an ad- incidents are destabilizing cyberspace as ditional coordinated calling-out of DPRK well as the physical world since they can [North Korea] as responsible for the Wan- be easily misperceived and could trigger naCry incident,” Feakin said23. Germany did cascading events”. not join this coordinated attribution effort Because getting all member states to agree and there was also no official attribution by is not the easiest task, countries have also the German government individually done chosen bilateral and multilateral coordi- before or after the coordinated attribution. nated or joint responses. Joint responses The German government was criticized in can be defined as an action that two or a news article for this as Handelsblatt had more countries take together in order to learned that the White House had shared prevent, detect or react to malicious cyber confidential insights into the attack’s or- activities including diplomatic instruments. igins with German intelligence. A German A joint response to a specific threat or vul- government spokesman said the admin- nerability or major incident includes the istration confined its statements on intel- implementation of policy instruments. ligence matters to the “responsible secret Here, beyond the European Union - level bodies of the German Bundestag” 24. response to NotPetya, there are more and The German government has so far not more responses by ‘coalitions of the willing been on the forefront of attribution. The and capable’ in reaction to major incidents only public attribution after a cyber inci- where countries that agree to take further dent was done by the Minister of Foreign join together. Germany has so far not taken Affairs in a press statement about the ex- joint or coordinated bi- or multilateral re- pulsion of Russian diplomats due to Scripal sponses in reaction to a major incident be- incident, an effort led by the United King- yond supporting the EU Council’s decision. dom. Here the Minister of Foreign Affairs Examples of a coordinated response by added that the expulsion was also done a coalition of the willing and capable was due to the cyber incident that affected the seen, most prominently after NotPetya, foreign office in 2018, saying that it was where Australia led a coordinated attribu- most likely Russian actors that were re- tion effort. In February 2018, within days of sponsible for the incident 25. This was not a each other, seven nations including Austra- large scale cyber incident like NotPetya but lia attributed the NotPetya cyber attacks to a targeted attack infiltrating the foreign of- Russia. It was no coincidence, according to fice. Public attribution to Russia had also Australia’s Ambassador for Cyber Affairs, been done frequently by the former Head Dr Tobias Feakin that ”[NotPetya] repre- of Germany’s Domestic Intelligence26. How- sented the largest coordinated attribution ever, it can be disputed whether this is an of its kind to date,” Feakin he said in April actual public attribution by the German Analysis / Julia Schuetze PAGE 27
government as it was only communicated response which are also done together
through media channels by himself and fol- with other countries, like the join technical
lowed up by or embedded in embedded in analysis that BSI and ANSSI put out, using
other political actions or in a foreign policy other responses that are more political are
approach towards Russia in an official Ger- underdeveloped. This is even more confus-
man government statement. ing in light of current debates on the use
of offensive cyber means for defensive pur-
Conclusion: Germany’s responses to poses, so-called active cyber defense, and
large scale malicious cyber incidents attribution in Germany28. Without a clear
international strategy that installs Germa-
Thus when it comes to foreign policy coop- ny’s approach to cybersecurity and spe-
eration in reaction to a large scale incident, cific cybersecurity goals within its broader
Germany is not cooperating openly or using foreign and security policy goals, it would
the same response as Australia which has make the implementation and signalling of
attributed frequently and is heading an in- use of those instruments very unpredict-
ternational deterrence strategy right now. able for like-minded governments and bad
The German government, through its re- actors alike.
sponses focuses mostly on prevention of
large - scale cyber incidents and therefore Opportunities for AUS-GER future
its cooperation with other countries ap- cooperation
pears to be centred on that, too. Germa-
ny’s foreign policy approach is still focusing Taking into account the current state of
on norms-building. Cyber incidents are not Germany’s responses to large scale inci-
yet addressed as part of a broader foreign dents, there are three opportunities that
policy or security policy towards a coun- emerge for further cooperation among
try, for example with Russia. Germany has Australia and Germany.
not yet published a cyber diplomacy strat- 1. Firstly, Germany and Australia should
egy that would include or signal the use of continue the dialogue on responses
diplomatic instruments as a response to as it would help the understanding
cyber incidents. In case of non-existence of options that are available to Ger-
of such a strategy, this may explain why many and Australia and will increase
Germany is not using diplomatic instru- the awareness about under what condi-
ments, such as attribution, sanctions and tions Germany may respond on EU level
more in response to a large scale incident. or on its own or potentially join a coali-
Therefore, Germany is not joining bilateral tion of countries. This could help to co-
or multilateral cooperation to respond yet, ordinate responses in the future.
like the coordinated attribution effort led
by Australia. Strategically this could prove 2. Secondly, Germany and Australia could
difficult in a world where cyber incidents focus on threat analysis to prevent
are increasingly becoming part of broader large scale cyber incidents. Here both
geopolitical conflicts and are used as just could learn from each other. starting
another tool by some countries to under- with a common concern and common
mine other countries’ economies, national goal can assist in identifying options of
security and political integrity27. Unlike closer cooperation. A specific common
Germany’s well-developed operational concern is for example threats to critical
PAGE 28 THE PERISCOPE SERIES / VOLUME 3 / 2020infrastructure, and more specifically telecommunications in the context of threats from cyberspace that could halt international security. Germany and the successful implementation of en- Australia are members of both groups. ergy transition that both countries have Then multi-stakeholder initiatives, such in common. In Australia, renewable en- as the Global Commission on the Sta- ergy is growing at a per capita rate ten bility of Cyberspace (GCSC) recently times faster than the world average. launched its final report, which offers The next fastest country is Germany29. a cyber stability framework, principles, The assumption made by the German norms of behaviour, and recommenda- government that energy transition tions for the international community “means that access to them is less likely and wider ecosystem. Further there is to lead to conflicts30 ” and further that “it the Paris Call for trust and security in will also be more difficult for states to cyberspace that was signed by Germany use energy sources to exert pressure” and Australia. What is necessary now, should be discussed again taking into is an initiative that oversees the imple- account the unique vulnerabilities that mentation of norms worldwide and renewable energy systems have31 and identifies actions to ensure norm imple- that in general energy infrastructures mentation. As both countries support are becoming increasingly the target the multistakeholder approach to inter- of cyber attacks32. Since Germany and net governance, a pledge to support a Australia have an interest in a successful global digital cooperation architecture energy transition, a common goal could as a way to support norm implemen- be to address the cybersecurity impli- tation could aid bringing stakeholders cations in this context and analyse spe- together. The High-level Panel on Dig- cifically threats to energy transition and ital Cooperation was convened by the evaluate what responses may be useful UN Secretary-General to advance pro- to mitigate them. posals to strengthen cooperation in the 3. Thirdly, Germany and Australia should digital space. Three ways of achieving start working together not just on this goal were proposed in the report norm development but on norm im- and are now being further developed plementation and aim to support and discussed worldwide. All have global governance cooperation plat- strengths and weaknesses as a German forms to achieve the implementa- multi-stakeholder group has identified tion of norms. Many norms have been/ in a workshop in October 201933. The are being developed in different fora. Australian government put out a pub- For example the UN established two lic statement commenting on the rec- intergovernmental processes on cy- ommendations34. A beneficial next step bersecurity – the Open Ended Working for norm implementation could be to Group (OEWG) on developments in the use those two discussions, one on digi- field of information and telecommuni- tal cooperation architecture and one on cations in the context of international norms for cyberspace and identify what security, and the sixth Group of Gov- sort of architecture Australia and Ger- ernmental Experts (GGE) on develop- many would pledge to support to imple- ments in the field of information and ment norms or develop norms further. Analysis / Julia Schuetze PAGE 29
Endnotes
1 EU definition that governs the implementation 17 BSI (2018) ANSSI and BSI present their first
of EU Cyber Diplomacy toolbox that Germany “Common situational picture”
passed in Council with all other member states.
18 Federal Foreign Office (2019) International
Council of the European Union (2019) Cyber-at-
cyber policy
tacks: Council is now able to impose sanctions
19 Australian Government Department of Foreign
2 BSI (2019) Die Lage der IT-Sicherheit in Deutsch-
Affairs and Trade (2012) Berlin-Canberra Decla-
land 2019
ration of Intent on a Strategic Partnership
3 Greenberg (2018) The Untold Story of Not-
20 European Council (2017) Cyber attacks: EU
Petya, the Most Devastating Cyberattack in
ready to respond with a range of measures,
History
including sanctions
4 Greenberg (2018) The Untold Story of NotPetya,
21 Council of the European Union (2018) Council
the Most Devastating Cyberattack in History
conclusions on malicious cyber activities
5 BSI (2017) Update: Cyber-Angriffswelle Petya
22 Stilgherrian (2018) Blaming Russia for NotPetya
– Bedrohung größer als bekannt or Scherchel
was coordinated diplomatic action
(2017) BSI-Warnung: Nach wie vor hohe Gefahr
durch NotPetya-Backdoor in MeDoc or Minister 23 Stilgherrian (2018) Blaming Russia for NotPetya
for Law Enforcement and Cyber Security (2018) was coordinated diplomatic action
Australian Government attribution of the ‘Not- 24 Koch (2018) Germany is just fine with the NotPe-
Petya’ cyber incident to Russia tya cyberattack but its allies aren’t
6 Reichert (2019) Hardware vulnerability by- 25 Auswärtiges Amt (2018) Bundesregierung zum
passes Spectre and Meltdown patches Fall Skripal
7 Westernhagen (2019) Trojaner-Befall: Neue 26 Reuters (2018) German intelligence sees Russia
Emotet-Welle legt Neustädter Stadtverwaltung behind hack of energy firms: media report or
lahm Russia ‘was behind German parliament hack’ or
8 BSI (2019) Die Lage der IT-Sicherheit in Deutsch- Reuters (2017) Germany challenges Russia over
land 2019 alleged cyberattacks
9 Herpig (2019) Attack surface of machine 27 See for example: Center For Strategic Interna-
learning tional Studies (2019) Significant Cyber Incidents
and Tallait (2019) Disrupt and restraint: The
10 Russia used NotPetya incident to and then it
evolution of cyber conflict and the implications
spread
for collective security
11 Herpig and Bredenbock (2019) Cybersicher-
28 Herpig (2019) Aktive Cyber-Abwehr: Innenmin-
heitspolitik in Deutschland. Akteure, Auf-
ister schaltet bei IT-Sicherheit schrittweise von
gaben und Zuständigkeiten. Im Fokus: Das
Verteidigung auf Angriff
Cyber-Abwehrzentrum
29 https://theconversation.com/australia-is-the-
12 See Germany’s cybersecurity architecture here:
runaway-global-leader-in-building-new-renew-
https://www.stiftung-nv.de/sites/default/files/
able-energy-123694
cybersicherheitspolitik_in_deutschland.pdf
30 Maas (2019) Speech by Foreign Minister Heiko
13 Bundesanzeiger (2015) IT-Sicherheitsgesetz
Maas at the opening of the Berlin Energy Transi-
14 BSI (2018) Die Lage der IT-Sicherheit in Deutsch- tion Dialogue
land 2018
31 Stamper et al (2017) Distributed Energy Sys-
15 BSI (2019) Windows-Schwachstelle: BSI warnt tems: Security Implications of the Grid of the
vor möglichen wurmartigen Angriffen Future und Idaho National Laboratory (2016)
Cyber Threat and Vulnerability Analysis of the
16 BSI (2018) Die Lage der IT-Sicherheit in Deutsch-
U.S. Electric Sector
land 2018
PAGE 30 THE PERISCOPE SERIES / VOLUME 3 / 202032 See: Sanger und Perlroth (2019) U.S. Escalates Online Attacks on Russia’s Power Grid, E-ISAC (2016) Analysis of the Cyber Attack on the Ukrainian Power Grid and Cimpanu (2019) Ran- somware incident leaves some Johannesburg residents without electricity 33 Heumann, Göhlich, Schuetze (2019) Work- shop Documentation UN High-Level Report – discussing Architectures for global digital Cooperation 34 Australian Government Department of Foreign Affairs and Trade (2019) IGF Consultation: Re- port of the UN Secretary-General’s High-level Panel on Digital Cooperation Analysis / Julia Schuetze PAGE 31
Copyright © Konrad Adenauer Stiftung (Australia) Limited, April 2020 Editor Katja Theodorakis Publisher Konrad Adenauer Stiftung (Australia) Limited Regional Programme Australia and the Pacific 11/3 Sydney Avenue Barton, ACT 2600 Australia Tel: +61 2 6154 9322 www.kas.de/australia Disclaimer All rights reserved. No part of this publication may be reprinted or repro- duced or utilised in any form or by any electronic, mechanical or other means, now known or hereafter invented, including photocopying or re- cording, or in any information storage or retrieval system, without permis- sion from the publisher. The opinions expressed in this publication rests exclusively with the au- thors and their interpretations do not necessarily reflect the views or the policy of the Konrad Adenauer Stiftung. Design, Layout and Typeset Swell Design Group Paper ecoStar+ is an environmentally responsible paper. The fibre source is FSC Recycled certified. ecoStar+ is manufactured from 100% post consumer re- cycled paper in a process chlorine free environment under the ISO 14001 environmental management system. PAGE 56 THE PERISCOPE SERIES / VOLUME 3 / 2020
You can also read
