Perspective Intelligence

Writings on Security and Intelligence by Roderick Jones

Hack-Jet: Losing a commercial airliner in a networked world

Last landing at CDG airport for this Airbus A330

When there is a catastrophic loss of an aircraft in any circumstances, a host of questions is inevitably raised about the safety and security of the aviation operation. The loss of Air France flight 447 off the coast of Brazil, with little evidence upon which to work, inevitably raises the level of speculation surrounding the fate of the flight. Large-scale incidents such as this create an enormous cloud of data, which has to be investigated in order to discover the pattern of events that led to the loss (not helped when some of it may be two miles under the ocean surface). So far French authorities have been quick to rule out terrorism; it has, however, emerged that a bomb hoax had been made the previous week against an Air France flight flying a different route from Argentina. This currently does not seem to be linked, and no terrorist group has claimed responsibility. Much of the speculation regarding the fate of the aircraft has focused on the effects of bad weather or a glitch in the fly-by-wire system that could have caused the plane to dive uncontrollably. There is, however, another theory which, while currently unlikely, would if true change the global aviation security situation overnight. A Hacked-Jet.

Given the plethora of software modern jets rely on, it seems reasonable to assume that these systems could be compromised by code designed to trigger catastrophic systemic events within the aircraft’s navigation or other critical electronic systems. Just as aircraft have a physical presence, they increasingly have a virtual footprint, and this changes their vulnerability. A systemic software corruption may account for the mysterious absence of a Mayday call: the communications system may have been offline. Designing airport and aviation security to keep lethal code off civilian aircraft would, in the short term, be beyond any government civil security regime. A malicious code attack of this kind against any civilian airliner would, therefore, be catastrophic not only for the airline industry but also for the wider global economy until security caught up with this new threat. The technical ability to conduct an attack of this kind remains highly specialized (for now), but the knowledge to conduct attacks in this mold would be as deadly as WMD and easier to spread through our networked world. Electronic systems on aircraft are designed for safety, not security; they therefore do not account for malicious internal actions.

Written by Roderick Jones

June 9, 2009 at 2:03 am

The Lulz takes on North Korea

As a one-time student of the cold war, pondering the potential causes of a global nuclear war was something of a Sunday afternoon pastime. The historic classic is of course the Cuban missile crisis, but equally important were the series of near misses based on the faulty reading of radar early-warning systems when flocks of birds flew over the Arctic Circle, or overly aggressive NATO military exercises feeding Soviet anxieties. With the recent North Korean provocations, sadly this subject is back in vogue. In some ways, although there are no clear diplomatic solutions to the North Korean danger, it does play to traditional intellectual strengths the US has in the field of geo-political nuclear strategy – a relief from the messy world of non-state actors, insurgency and cyber-militias. However, there may be a new element in all of this that could act as the proverbial flock of geese: cyber-pranksters.

North Korea is famously a closed society, which hasn’t registered or used its Internet domain designation (.kp). However, it does have a ‘government’ website operated by the Korean Friendship Association and hosted in Spain. Over the past month the loose affiliation of hackers, pranksters and griefers operating under the ‘Anonymous’ theme have reportedly organized two Distributed Denial of Service (DDoS) attacks against this site, knocking it offline for 90 minutes at a time. Would this be seen as western provocation by North Korea? Who knows, but it does raise the question of how uncontrolled or accidental cyber-warfare could have unintended consequences, a new factor in an old dynamic. Unlike nuclear technology, the ability to conduct cyber-warfare is not the sole preserve of states. Individuals, or loosely affiliated groups of individuals operating on a trans-national basis, can replicate some if not all of a nation’s capability. The image-boards, which are the home point for these ‘Anonymous’ cyber attacks, operate collaborative wikis to organize and co-ordinate their attacks — this enables them to harness the power of the crowd. The targets vary substantially from YouTube to Club Penguin; therefore interest in overt political statements is more the exception than the norm. Clearly there is much more to say on the ‘Anonymous’ and ‘Chan’ phenomena, but for now it is interesting to note this new factor in an all too familiar stand-off.

Communism or Lulz?

PDFs of the Insurgency Wiki relating to North Korea and the 888Chan message board on the same subject.


Written by Roderick Jones

June 1, 2009 at 1:57 am

Posted in Anonymous, CyberWar

ISC report into 7/7 and Information Clouds

The Intelligence and Security Committee (ISC) in the UK was established by Parliament as part of the 1994 Intelligence Services Act to examine the work of the intelligence and security agencies in the UK.

The ISC was asked to review information that emerged following the CREVICE trial in April 2007: that Mohammed Siddique KHAN and Shazad TANWEER (two of the four 7/7 bombers) had come to the attention of MI5 during the CREVICE operation. The question bluntly asked was, “If MI5 had come across Mohammed Siddique KHAN and Shazad TANWEER before, why didn’t they prevent this outrage?”

Written by Roderick Jones

May 19, 2009 at 1:53 am

Posted in CyberWar, Islamist, Terrorism


The problem with relying on crowds


I have had some objections to the use of crowds to conduct information analysis but have never been able to put it quite as well as today’s editorial in the Financial Times:

Wisdom of nerds

Published: February 13 2009 21:57 | Last updated: February 13 2009 21:57

Never a man overburdened by modesty, during his stay in Davos, Gordon Brown compared himself to Titian, the Venetian painter, when he was 90 years old. The parallel? By that age, the 16th-century master was long-established, but felt he was still learning his craft. David Cameron, the UK Conservative leader, tried to score a cheap point this week by claiming Mr Brown might have been like Titian at 90 – but the maestro had died at the age of 86.

All we know with certainty is that Titian died in 1576. His birth date is unknown. He may have been over, or under, 90 years old when he finally kicked the paint can. But one of Mr Cameron’s apparatchiks decided to settle the argument.

He went to Wikipedia – the online encyclopedia which anyone can alter – and edited Titian’s vital statistics. Rather than changing his date of birth – the contentious issue – he killed him off a few years early – before he painted a final dramatic Pieta, in fact. Be thankful the virtual airbrusher did not try to claim an endorsement to boot.

Many, including Tories, have enthused about Wikipedia in the past – and not just for its convenience in correcting history’s little mistakes. So long as readers are aware of Wikipedia’s limitations, it is a useful tool. There is certainly no better place to find lists of Jedi Knights, once among the site’s longest and most tedious entries.

The real problem is far broader. Wiki-enthusiasts cite the “wisdom of crowds” as a reason for the accuracy of the encyclopedia. They claim that, just as a market finds prices for goods based on our differing opinions of what they are worth, so a crowd can establish what truth is. But whereas prices are reliant on opinions and values, facts are either true or false.

Any attempt to turn mob opinion into the test for truth is pernicious. That a thought might be popularly believed does not make it true. The earth did not stand still because Galileo fell out of favour, and evolution has not been disproved by the faith of believers. The wisdom of crowds can only be conventional.

Written by Roderick Jones

February 14, 2009 at 9:31 pm

Posted in Uncategorized

Report by the Euro Information and Security Agency


The European Network and Information Security Agency published a report in December 08 entitled,

Virtual Worlds, Real Money: Security and Privacy in Massively-Multiplayer Online Games and Social and Corporate Virtual Worlds.


Written by Roderick Jones

January 16, 2009 at 11:25 pm

Posted in Crime, Money Laundering

Globally Networked Anarchism (#Griot)

As 2008 draws to a close it is fair to say that the hype surrounding virtual worlds has dissipated. However, it is worth highlighting the continued utility of virtual worlds not only as immersive environments, but also as compelling communication venues. What continues to separate Second Life from popular gaming virtual environments such as World of Warcraft (WoW) is its ability to globally connect users. WoW is of course a multi-user environment, but as any player will know, the opportunities for globally connecting are limited by the local server you attach yourself to. Second Life remains a more international venue when used in creative ways – global networked protest is one such way.

A recent article in the Economist highlighted the way in which the anarchist movement driving the riots within Greece has been able to connect internationally using the technology tools we are increasingly familiar with: YouTube (150,000 views), blogs and Facebook. Facebook in particular appears to be the protest connection venue of choice for a variety of movements from Egypt to Greece. The behavioral socio-political data that is present within the architecture of the Facebook site would provide keen insight into this developing opposition phenomenon if examined and exploited. The new kids on the block are also represented by Twitter (through the #griot descriptor) and Second Life. This global connectivity produced a global reaction, with protests appearing in a variety of other countries. While Facebook and Twitter are currently gathering the majority of the attention, arguably the seeds of better future information portals are to be found in Second Life.

Written by Roderick Jones

December 31, 2008 at 1:45 am

Mumbai, Technology and Information War

Terrorist attackers against Mumbai are reported to have used GPS, BlackBerries and Google Earth during various phases of their operation. The fact that this does not seem remarkable is a comment on how rapid technological change has become. On the flip side, this incident also saw an explosion of user-created content covering the attacks, including:

  • Twitter – the real-time element of this service gives it a significant advantage in covering ongoing incidents.
  • Flickr – photographs of the incident by Vinukumar Ranganathan have attracted hundreds of visitors.
  • Google Docs – user-created spreadsheet of casualties.
  • Google Maps – user-created incident map.
  • Wikipedia – quickly had a 4,000 word description of the attack that was constantly being corrected and revised.
  • Human search engine Mahalo.com – extensive user-generated content on the attacks.
  • Citizen media aggregator Now Public – also has an extensive amount of coverage.

It isn’t possible to look at the explosion of content relating to the attacks without concluding that the proliferation of information, and of the tools to produce it in a variety of ways, almost certainly aids terrorists and amplifies the effect of their attacks.

On a tactical note, the same tools that allow someone thousands of miles away to monitor the situation on the ground also allow the attackers to get a clearer picture of what government forces may be planning. Initial reports have claimed the terrorists in the Taj hotel did use their BlackBerries for this purpose. Along those lines, the BBC carried a report regarding Indian government attempts to switch off Twitter – this remains unconfirmed.

Finally, it also leads to the conclusion that next-gen attacks will seek to control the information or disinformation flow as part of the attack process. The central lesson here seems to be: don’t believe everything you read online!

Written by Roderick Jones

December 2, 2008 at 1:39 am

Posted in Islamist, Terrorism


Aardvark’s and Avatars

There continues to be some discussion and rejection of the idea that terrorists would be able to exploit new technology platforms such as social networking and virtual worlds. In a recent post the blogger Abu Aardvark (aka Marc Lynch from GW University) goes some way in debunking ideas surrounding terrorist use of social networking, wikis and virtual worlds. He further states that Al Qaeda is now behind the curve in using the area of user-generated content and interactivity. While the aardvark’s media analysis relating to ‘al-Qaeda outreach’ appears to be sound, I think he misses a fundamental point about terrorists and technology.

The defining feature of terrorism and technology is its adaptive quality. It is highly unlikely that individual terrorists or terrorist groups would exactly replicate the mainstream functions of the technology Abu Aardvark highlights in his post. It is more likely they would take certain elements from the various innovations and mesh them together or otherwise distort them. So an al-Qaeda Facebook isn’t going to happen anytime soon, but using the system to identify IDF soldiers for possible assassination already has. Similarly an ‘AQThirdlife’, which replicates the virtual world Second Life, seems unlikely, but using some of its key features still seems probable. The virtual money transfer aspect continues to be high on most people’s list of concerns (this is discussed in a recent SSRN paper written by Stephen Landman, Funding Bin Laden’s Avatar: A proposal for the regulation of Virtual Hawalas, which he has been kind enough to share with me). Aardvark’s point about an AQThirdlife also fails to account for phenomena such as the virtual caliphate, which is running in the UK, where users log into areas to see and hear sermons by dead or expelled radical preachers – there continues to be a market for extremism, and virtual exposure to it is potentially more powerful than real exposure.

As ever, the central point is that, given rapid and increasing virtualization, flexible thinking and planning is required to conceptualize the next form of terrorist threat — blogs appear to be a great enabler of this practice.

Written by Roderick Jones

November 18, 2008 at 1:37 am

Posted in Terrorism

Twit or Tweet

The Army’s 304th Military Intelligence Battalion recently produced a presentation entitled “al Qaida-Like Mobile Discussions & Potential Creative Uses”. The presentation has some interesting information regarding “Pro Terrorist Propaganda Cell Phone Interfaces”, mobile phone target surveillance, “Voice Changers for Terrorist Telephone Calls” and finally, “Potential for Terrorist use of Twitter”. This last topic has received some commentary, having been seized upon by Wired’s Danger Room blog. As usual with discussions centered on the potential terrorist use of any new technology, negative comments focus on the “why don’t they just use the telephone” argument. However, this as ever misses the wider point.

Twitter has been around since July 2006 and is billed as a micro-blogging service with a social networking aspect – it is a highly fluid platform that can be meshed with a variety of other online tools. As with many innovations in this space its full utility is simply unknown – therefore, it is useful to speculate on both the potential negative and positive uses. As a society we now have a pretty good idea of how the telephone works.

The military intelligence report highlights three scenarios relating to how Twitter could be used – terrorist command and control, terrorist real-time targeting for suicide operations and pre-operational research on terrorist targets who use Twitter. Of these scenarios it is the latter that is so far potentially the most ‘negative’ use of Twitter. It is possible to produce an unnerving amount of information relating to specific Twitter users based on their social patterns and individual entries. As a rule of thumb it seems that it is never the primary functions of these platforms that are the most revealing, but their secondary and tertiary applications.

Twitter, along with its competitor Jaiku, continues to develop, and as it does so will its impact on society. It is worth noting that the LA Fire Department is making good use of Twitter as a real-time incident information platform. Perhaps the terrorist use of Twitter will be the revival of alhesbah as a micro-blog sending ideological updates to followers as well as including LAFD-style incident updates – I would add this as potential use scenario 4.

Written by Roderick Jones

October 27, 2008 at 1:34 am

Posted in Terrorism

Religion, Radicalization and the future of Terrorism


The UK’s Guardian today published details of a report produced by Britain’s Security Service (MI5) entitled ‘Understanding radicalization and violent extremism in the UK’. The report is from MI5’s internal behavioral analysis unit and contains within it some interesting and surprising conclusions. The Guardian report covers many of these in depth (so no need to go over them here), but one point that is worth highlighting is the claim made within the report that religion is and was not a contributory factor in the radicalization of the home-grown terrorist threat that the UK faces. In fact, the report goes on to state that a strong religious faith protects individuals from the effects of extremism.

This viewpoint is one that is gathering strength and coincides with an article written by Martin Amis in the Wall Street Journal, which also argues that ‘terrorism’s new structure’ is about the quest for fame and thirst for power, with religion simply acting as a “means of mobilization”.

All of this also tends to agree with the assertion made by Philip Bobbitt in ‘Terror and Consent’ that al-Qaeda is simply version 1.0 of a new type of terrorism for the 21st century. This type of terrorism is attuned to the advantages and pressures of a market-based world and acts more like a Silicon Valley start-up company than the Red Brigades — being flexible, fast moving and wired — taking advantage of globalization to pursue a violent agenda.

This all somewhat begs the question of what next. If al-Qaeda is version 1.0, what is 2.0? This of course is hard to discern, but looking at the two certain trends that will shape humanity over the next 20 years – urbanization and virtualization – throws up some interesting potential opponents who are operating today. The road to mass urbanization is currently being highlighted by the 192021 project (19 cities, 20 million people in the 21st century) and, amongst other things, points to the large use of slum areas to grow the cities of the 21st century. Slum areas are today being globally exploited from Delhi to Sao Paulo by Nigerian drug organizations that are able to recruit the indigenous people to build their own cities within cities. This kind of highly profitable criminal activity in areas beyond the vision of government is a disturbing incubator.

Increased global virtualization complements urbanization as well as standing alone. Virtual environments provide a useful platform for any kind of real-life extremist (as is now widely accepted), but it is the formation of groups within virtual spaces that then spill out into real-space that could become a significant feature of the 21st century security picture. This is happening with ‘Project Chanology’, a group that was formed virtually with some elements of the Anonymous movement in order to disrupt the Church of Scientology. While Project Chanology (WhyWeProtest website) began as a series of cyber actions directed at Scientology’s website, it is now organizing legal protests of Scientology buildings. A shift from the virtual to the real. A more sinister take on this is the alleged actions of the Patriotic Nigras – a group dedicated to the disruption of Second Life, which has reportedly taken to using the tactic of ‘swatting’ – which is the misdirection of armed police officers to a victim’s home address. A disturbing spill-over into real-space. Therefore, whatever pattern future terrorist movements follow, there are signs that religion will play a peripheral rather than central role.

Originally posted at counterterrorism blog

Written by Roderick Jones

August 22, 2008 at 9:47 pm
