Drowning in data - complexity's threat to terror investigations

Knowing everything, except what happened?

Obviously, the context of a suspect's actions is important in an investigation, whether or not those actions are in themselves illegal. If for example it had been known that the future July bombers were researching detonators then concern and further investigation would have been in order. The question of whether or not an action is illegal is however important. A legal but suspicious action requires investigation of context in order to determine intent, and to identify the actual crime, whereas an illegal action (which nevertheless might have a perfectly innocent explanation) allows prosecution without reference to or investigation of context.

And the wrong people sometimes get sent down. That however is not the immediate problem from the point of view of the system. Widespread prosecution for trivial and low-level offences will tend to overload the system and reduce focus on potentially more serious offences, while choking processes with low-level and irrelevant data, and directing resources down blind alleys. Police will frequently find themselves failing to find the conspiracy in cases where there really wasn't one.

Whatever though, once a suspect is on the radar they get turned over and their house torn apart, at which point evidence may emerge proving they're a more prosaic class of criminal instead (Or as well as...? Well, they might be). Alternatively, their computer data might reveal visits to suspicious sites or shady chatrooms, possibly meaning they're in possession of information likely to prove useful to terrorists, and possibly also producing other names, possibly in other countries, of people whose homes can be dismantled too. This also works in the other direction - several recent arrests in the UK suggest that police have been following up overseas tips based on the monitoring of email contacts and/or web site visits. Thus do the numbers grow.

It is, as the police would have it, perfectly possible that those charged with non-terrorist or low-level offences would later have committed more serious acts, and/or that longer and more intensive investigation would have uncovered the serious acts they intended to commit, and the mysterious terror mastermind. But it is also perfectly possible, and given the number of 'suspects' considerably more likely, that they weren't real terrorists in the first place and you've just bust the budget trying to prove they were.

How many? A few months ago press reports of the number of terror suspects in the UK climbed steadily to 1,200, a figure from the Daily Telegraph which is quoted in the Home Affairs Committee report. The Independent, however, speaks of MI5 now investigating 8,000 (a BBC report puts the number as "less than one per cent" of a total of approximately 1.5 million UK Muslims) al-Qaeda "sympathisers", i.e. people who might become terrorists. As indeed they might do, but the number you come up with is always going to depend on how widely you cast the 'might' net. Back in the 70s and 80s there were quite possibly more than 8,000 sympathisers for the Red Brigades or the Red Army Fraction in the UK, and most certainly well over 8,000 for the Provisional IRA. The move from sympathiser to activist was however too great for most of them, and the technology of the time did not support the widespread monitoring of, for example, unguarded conversations in North London pubs. Today's technology and today's and tomorrow's legislative environment do however support this, meaning that the security services have an impressive and exponentially growing number of unguarded electronic pub conversations to follow up.

Most of which will be rubbish, kids who're never going to do anything, talking big. But some of them won't be. Even then though, the would-be terrorists aren't necessarily as dangerous as the headlines (themselves often orchestrated by security service "sources") would have us believe. The much-hyped and hugely expensive ricin affair (see Clarke calls for ID cards after imagining huge poison terror ring) was never any kind of threat, while the apparently non-existent chemical weapon police were seeking at Forest Gate could not have been built in any effective configuration by non-state organisations; anything that could currently be built by terrorists almost certainly would not work, or at best (from their point of view, obviously), would have been gloriously ineffective (see Homebrew chemical terror bombs, hype or horror?).

There we have two UK instances of large quantities of investigative resources being expended on first, a nutter (who nevertheless clearly should have been picked up), and on a threat that manifestly could not have existed. The Met, incidentally, strove long and hard to establish an international 'al-Qaeda connection' to the nutter, claiming last October that the investigation spanned "26 other jurisdictions" in addition to the UK. It said of this case: "The challenge was to analyse a huge amount of material, to identify the prime conspirators (and what it was they were plotting to do), and to clarify the roles played by each of the suspects. This proved impossible in the time available..." Indeed - but even if the conspiracy was more than the product of fevered imaginations triggered by a squealer in Algerian custody, the fact remains that it was centred on a joke recipe for a relatively ineffective poison. Would resources not have been better deployed against more immediately dangerous threats?

The State they're in

Forest Gate shows that since the ricin affair the security services have acquired little scientific knowledge of the substances they're in hot pursuit of, and remain fixated on the largely illusory threat of chemical, biological and nuclear attacks. This clearly leads to pre-emptive actions that need not have happened.

The Met document describing the "challenge" of the ricin affair, a letter from the Met's Andy Hayman to then Home Secretary Charles Clarke in support of 90 day powers, also includes a "Theoretical Case Study", which is part bad movie terror threat script, part the Met's dream mega terror case. A "reliable" tip tells of terror attacks planned on the Houses of Parliament and British Embassies in Pakistan, Istanbul and "Morrocco" (sic). The attacks will take place in three months, using conventional and homemade explosives, and possibly CBRN (Chemical, Biological, Radiological and Nuclear). The tale then describes surveillance, 15 arrests, 55 forensic searches throughout the country, 4,000 exhibits, 600 documents in Arabic, boxes of Arabic videos, 100 ID documents, "over 268" seized computers, 274 hard disks, 591 floppy disks, 920 CD DVDs, 47 zip drives, 60 mobile phones, 25,000 man hours spent on CCTV, 3,674 analysing eavesdropping material, evidence gathering in 17 countries... The list goes on and, as the Met letter says ("statistics used are entirely typical"), it's a fair estimation of what the security services do when they think they're on to something.
