29 November 2017

Use of Technology in Counter Terrorism Operation Part II

I had the privilege of serving in OP - RAKSHAK in Punjab in 1990-1991, OP – RIHNO in Assam during 1991 – 1992 and three tenures in J&K. After my tenure as Chief Signals Officer, Chinar Corps at Srinagar I wrote a paper on Leveraging Technology In Counter Insurgency Operations which was published at in The PINNACLE, The ARTRAC Journal in its Jun 2008 issue. The same in available at :https://drive.google.com/file/d/0B7lCgXHBh1PaTlQ3VVZYbFRWbXM/edit?usp=sharing

After 10 years, on 26/11 I thought of revisiting the topic.

Here is my take on Use of Technology in Counter Terrorism Operations.
                                                                                                                   - PKM

Use of Technology in Counter Terrorism Operations
                                                                - Maj Gen P K Mallick, VSM (Retd)

Cyber Warfare

Dealing with terrorist groups, many experts fear their hacking capabilities, part of the security community considers the ISIS a serious menace to the security of Western critical infrastructure.

The availability of tool and exploits in the criminal underground makes it easy for terrorists to hit computer networks and infrastructure worldwide. The IS has the offensive capabilities to hit its adversaries; this is the opinion of many cyber security experts, including the popular Mikko Hypponen.

“The Islamic State is the first extremist group that has a credible offensive cyber capability,” said F-Secure Chief Research Officer Hyppönen, speaking last week at the Wall Street Journal’s WSJDLive conference in Laguna Beach, Calif. “Clearly, this situation isn’t getting better. It’s getting worse.”


A terrorist could attack a critical infrastructure to sabotage, or computer systems to steal sensitive data to use in other attacks.

The use of cyber weapons is a novelty in the terrorism landscape; it is a concrete risk with some advantages including

· The pre-attack phase is stealth, the organization of a cyber attack present low risks respect conventional terrorist attacks.

· The use of a zero-day vulnerability provides a real advantage to the attackers that minimize the risks of failure of operations and maximize the efficiency of the cyber weapon. Zero-day exploits could be acquired in the criminal underground and could be used in targeted attacks.

· The costs of a cyber weapon are very cheap compared to the one related a conventional weapon (explosive, weapons, vehicles for the commandos, etc.).

· The choice of cyber weapon allows the terrorists to remain under the radar until the attacks.

· Cyber weapon could have similar effects of a terrorist attack.

What are the objectives of cyber weapons?

The list is very long and includes almost every strategic infrastructure of a country such as Industrial control systems, communications networks, and defense systems. Despite groups of terrorists haven’t the time and the knowledge necessary for the design of a new cyber weapon, there is the concrete risk that threat actors in the wild can conduct a reverse engineering of the code of other nation-state malware circulating over the Internet. The ISIS is trying to recruit hackers and experts to involve them in the hacking campaigns.


Social Media 

Social media is not the cause of violent extremism, but a powerful amplifier and accelerant. Digital platforms and increased access to smart phones and internet connectivity help facilitate radicalization and recruitment. Violent extremists’ exploitation of digital platforms allows would-be terrorists to seek inspiration and information online—and rally around a terrorist group as a brand, an idea, or a methodology—without ever leaving their homes. The widespread use of social media has also made violent extremists’ plans more difficult to disrupt. Security agencies have to track a much larger number of potential plotters, giving terrorists more space to plan large, complex operations against a higher background level of activity.

A special report by the US Department of Homeland Security listed various terrorist uses of Facebook: 

• As a way to share operational and tactical information, such as bomb recipes, weapon maintenance and use, tactical shooting, etc.

• As a gateway to extremist sites and other online radical content by linking on Facebook group pages and in discussion forums. 

• As a media outlet for terrorist propaganda and extremist ideological messaging. 

• As a wealth of information for remote reconnaissance for targeting purposes

The technology firms have faced increasing pressure from governments across the globe to stop the spread of extremist propaganda. Last year, White House officials met with Apple, Facebook, Twitter and Microsoft to discuss the subject. The British prime minister, Theresa May, has recently renewed her campaign against the technology companies with a crackdown meant to punish platforms that fail to take sufficient action against terrorist propaganda. At a recent bilateral meeting in Paris, May and French president Emmanuel Macron said they would explore new legal liabilities for tech companies that don’t remove inflammatory content, including possible fines.

While governments have urged companies like Facebook to do more, the social network has also faced backlash for ethically questionable censorship of non-terrorist content under the guise of countering propaganda. 


The tech firms have long struggled to balance their missions of supporting free speech with the need to remove and prevent the spread of terrorist content. The companies have faced intense scrutiny over the way terrorist groups have used the site for recruitment and for spreading hateful and violent messages. On Jun 25, 2017 Facebook, Microsoft, YouTube and Twitter collectively announced a new partnership aimed at reducing the accessibility of internet services to terrorists. The new Global Internet Forum to Counter Terrorism adds structure to existing efforts by the companies to target and remove from major web platforms recruiting materials for terror groups. Together, the four tech leaders say they will collaborate on engineering solutions to the problem, sharing content classification techniques and effective reporting methods for users. Each company also will contribute to both technical and policy research and share best practices for counterspeech initiatives.

As part of the new forum, the companies said they would share best practices regarding content detection and classification techniques using machine learning” and “define standard transparency reporting methods for terrorist content removals”. Back in December of 2016, the same four companies announced the creation of a shared industry hash database. By sharing hashes with each other, the group was able to collectively identify terror accounts without each having to do the time- and resource-intensive legwork independently. This new organization creates more formal bureaucracy for improving that database. Facebook, Microsoft, YouTube and Twitter will be teaching smaller companies and organizations to follow in their footsteps to adopt their own proactive plans for combating terror. A portion of this training will cover key strategies for executing counterspeech programs like YouTube’s Creators for Change and Facebook’s P2P and OCCI.

Privacy vs Security. Law enforcement and security agencies have claimed that encrypted platforms built for commercial purposes to safeguard privacy—where only the sender and receiver hold the keys and devices to decipher the message—are a gift to terrorists and criminals to help them communicate in a way that puts them beyond the law’s reach. In January an ISIL follower provided would-be fighters with a list of what he determined were the safest encrypted communications systems. Soon after the list was published, ISIL started moving official communications from Twitter to Telegram.

Both in the US and in the UK there has been a push for technology companies to either ban encryption on the grounds that we’re paying too high a price in terms of security, or at the very least request that companies like Apple, Google and Facebook build ‘backdoors’ that allow law enforcement access into their encrypted tools.

Tech companies have resisted any push to hand over to law-enforcement the keys to their customers’ encrypted data. Privacy advocates have, post-Snowden, defended the technologies as a protection against government snooping. But tech companies, are arguing that there are real risks of going along with government requests to access encrypted messages. Apple CEO Tim Cook, for example, recently warned that ‘any back door is a back door for everyone. Everybody wants to crack down on terrorists. Everybody wants to be secure. The question is how. Opening a back door can have very dire consequences.’

When it comes to privacy and security, we need to find the right balance in not allowing new encryption technologies to obstruct our counterterrorism efforts. We need secure encrypted systems for commerce, government and the protection of personal information (our digital identity). Banks and telcos are using those products to safeguard our data. Deliberately weakening encryption solutions would arguably weaken key infrastructure, with the ultimate beneficiaries being criminals, cyber activists and rival nation states. A cooperative solution with our police and security agencies working with relevant companies to identify the problems would be better than trying to introduce laws to restrict encryption. Indeed, there’s no guarantee that by banning the use of encryption solutions, as recently proposed in the UK by David Cameron, can be effective. Users and companies might migrate to other countries, solutions, products or servers.

Latest Technologies in Counter Terrorism Operations 


Big data plays a vital role in the war on terror. In order to fight the enemy, it is critical to get an in depth understanding of that enemy, how they operate, what technology they use. Nothing gives us better insights than big data. The data can be used to get an understanding of backgrounds, motives, modus operandi, methods of communication. Once these elements are understood, the information can be leveraged to learn about terrorist networks; who finances them, who supplies them, who supports them and who are the informants. Big data can also be used to establish patterns and make predictions on which population groups or what type of person would be most likely to join a terrorist organisation.

In a project, big data was used to scrutinise and analyse social media such as Facebook and Twitter in order to locate the origins of supporters of terrorist organisation ISIS. Over a period of three months, researchers monitored and analysed three million tweets. They managed to pinpoint important characteristics and patterns among tweets that showed support for ISIS and terrorism, as well as those who opposed it. Using these findings, the researchers created algorithms that were able to group users as pro- or anti-ISIS with an accuracy of nearly 90 percent. It is clear to see the value of being able to identify which people would be most likely to join ISIS as this could help limit the proliferation of extremist groups.

Surveillance data from drones gathered in areas where suspicious activity is taking place can also provide valuable information, especially when this real-time information is combined with other data sources. Information like this can help establish connections between people and events and identify the location of terrorists and even make predictions of the where they may move to in the future. 

Toy-sized battle robots with grenades and assault rifles. At the World Robot Conference in Beijing, China recently unveiled toy-sized battle robots with grenades and assault rifles. These robots have been designed in three versions: an attacker robot – armed with grenade launchers and rifles that minimise recoil – a reconnaissance robot capable of detecting hazardous gases, and a bomb disposal robot. The reconnaissance robot is apparently designed to be able to fit into a soldier’s backpack. Another robot used in the war against terrorism is the PackBot – a machine that locates and diffuses bombs. The PackBot will eventually carry out complex tasks without any human interference and will be very effective in detecting terrorists and explosives. PackBot can gather information from devices such as streetlights, bus shelters and sensors and combine it with its own data to make decisions. Various countries are developing autonomous robots that are able to eliminate terrorists and free hostages. These bots will be outfitted with biometric recognition technology and connect with sources that supply image data and location information to help identify potential terrorists.

Dfuze and Predictify Me – predicting the unpredictable. The use of prediction software in the fight against terrorism is also referred to as ‘predictive policing’. This form of counterterrorism has been on the increase and the ISS (Intelligent Software Solutions) behavioural analysis tool Dfuze is already used in over forty countries. Dfuze was used at the 2012 Olympics in London to pinpoint high risk areas to enable police forces to increase security presence. The software was also used to investigate the Boston bombings in 2013. The Dfuze system is a database which holds information on all terrorist attacks that have ever taken place. Governments can access this data to analyse previous attacks and share information, leading to more efficient methods of communication between nations. With the Dfuze system, specialists are able to establish and analyse trends and patterns, future attack hotspots, the types of explosives, modus operandi and help them predict, prepare for or even prevent any future terrorist attacks. In the past, this type of work was done by analysts trawling through mountains of information, initially in paper files and later on computers.

Another predictive solution, launched in 2014, is Predictify Me. The technology is simple to deploy, can help predict an impending terrorist attack and secure areas against it. Predictify Me uses 200 indicators, such as public holidays, the weather, attacks in nearby countries, sports or other events and even video releases on social media to predict whether and when a terrorist attack is likely to happen. Predictify Me have indicated that it is able to predict an attack within three days with an accuracy of over 70 percent.

With the Internet of Things, every device has an IP address. With more and more devices connecting to not only the Internet but also to each other, the Internet of Things enables increased convenience, efficiency and energy conservation. With internet connectivity moving away from the traditional laptops, tablets and smartphones and migrating toward wearables and household devices such as fridges and washing machines, the IoT can also easily be used for monitoring, location tracking, identification, surveillance and gaining access to networks. Every device will have an IP address and security experts have indicated that surveillance services will able to intercept signals of networked devices in much the same way as they intercept cell phone signals. Information from speeches, satellites, videos and news is all collected and used to monitor and analyse activities, enabling intelligence services to close in on terrorists.

New colour-changing sensors can detect multiple explosives within seconds. In December 2015, scientists developed a new colour-changing sensor that is able to identify and quantify multiple explosives such as DNT, PETN, tetryl, RDX and TNT within ten seconds. The fluorescent sensor gives out information about the type of explosive and how much of it is present in a sample. PETN and RDX for example, have been used in terror plots because they are hard to detect by sniffer dogs. The colour-changing sensor is made from light-emitting nanomaterials or ‘quantum dots’ to which receptors that target the explosive are attached. Each explosive that binds to the quantum dot emits a different colour. These are then analysed in order to generate a unique ‘fingerprint’ for each compound. This makes it possible to detect multiple explosives with one single test.

Way of the Future

Could the internet eventually be used to cause physical attacks? So far, jihadists and others practicing "cyberterrorism" have mainly cracked the passwords for online accounts to collect information for target lists. These efforts have caused a great deal of fear, but not damage or death.But this is something that's coming. The United States and Israel reportedly caused actual damage to the Iranian nuclear program through malware such as Stuxnet. Russia has conducted cyberattacks against physical targets such as the Ukrainian power grid. With Stuxnet being reverse engineered by hackers, and other National Security Agency hacker tools made available through groups like Wikileaks, it won't be long before jihadist or other terrorist hackers are able to cause real world damage by simply accessing the internet.

Other technological tools that can be used for pre-operational surveillance, propaganda purposes and attacks have become prominent as well. For jihadist groups in Iraq and Syria, it's small commercially available drones. Much has been made of the threat of using drones to launch attacks, but to date, drone strikes by the Islamic State have used altered conventional munitions such as 40mm grenades or military-grade explosives placed in locally manufactured munitions. Hezbollah likewise has used drones in attacks, but they similarly have relied on military ordnance provided by Iran. Consequently, even if militants elsewhere attempt to use drones, it will be difficult for militants to reproduce these attacks outside of active war zones. They simply don't have the weaponry. Such drone strikes in domestic settings will remain limited in their capability for now.

As technology advances, terrorists and counterterrorism forces will continue to use it to their advantage. It just depends on who picks it up from the table first.

Challenges Ahead

Research and Development Trends. Most of the cutting-edge research in related areas, particularly with regard to information technology and biotechnology, is in the private sector where development pro­grams are largely driven by potential markets and the profits to be made in the security sector seem to pale in comparison with other commercial opportunities. This challenge can be addressed by mak­ing the counterterrorism community a more attrac­tive customer for the private sector. A significant next step would be initiating a serious dialogue to determine what a future inter­national counterterrorism security technology development regime might look like. 

Barriers to Innovation. Even if private research and development can be better teamed with gov­ernment efforts and focused on the terrorism chal­lenges of the 21st century, the traditional barriers to innovation in law enforcement technologies will remain. These challenges include four areas.

Cost. The expense of new technologies includes both the cost of procuring a technol­ogy and the opportunity cost of adopting that technology as compared to other uses to which resources might be put.

Technology Risk. This includes the ever-present risk that "big bets" will fail. The tech­nology may not perform as expected or ade­quately address the tasks for which it was adopted.

Human Factors. New counterterrorism tech­nologies can face a plethora of obstacles that have nothing to do with fiscal costs or technical specifications. For example, data mining and biometrics have raised an array of concerns about the protection of civil liberties and safe­guarding of proprietary commercial informa­tion. Non-lethal weapons face legal barriers. 

Unanticipated Costs. Any new technology will bring unintended consequences. The introduction of nanotechnologies, for example, has raised concerns about the potential conse­quences of unintentionally introducing new compounds into the environment. New tech­nologies can also bring unexpected liabilities and adverse public reactions.

Conclusion

The terrorists are proving more and more adept at using sophisticated technology. The terrorist threat against the free world is seri­ous and enduring. We need to stay one step ahead and keep developing new, improved technology. We need to jointly develop the means and the technologies needed to meet this threat. The obstacles to creating an arsenal of counter-terrorism technologies that are practical and afford­able and overmatch the threat of 21st century ter­rorism are daunting. Creating a vision of these future technologies, implementing initiatives that broaden the market and make it more predictable and dependable, and developing policies that will help to overcome the barriers to innovation are essential steps to harnessing technology to the future needs of law enforcement.

1 comment:

KPM Das said...

While I agree with the author on the many proposals and recommendations, wish to point out that tons of "thought papers" and "recommendations" have zero value unless we develop a commensurate culture of doing things on the ground. We pontificate and propose, recommend and conclude, but little gets actioned. 20 years ago, Indian Army developed a state of the art handheld, for counter-terror operations (not approach papers or architectures but a real device) called SATHI. This was driven by an Army team entirely guided by industry and academia and concept-to-prototype completed in 24 months with a full-blown trial(of 500 devices) in both the plains and mountain sectors. And then the strategic community took charge and could not bring this disruptive R&D to production and mass use in counter-terror formations/units. We need to match papers with hands-on development.