Tag Archives: Security

Intern the terrorist sympathisers now?

Over the last 48 hours I’ve seen a lot of people calling for us to just intern the terrorist sympathisers now. The knee jerk reaction followed the Manchester bombing and repeated after Saturday night’s drive by stabbings at London Bridge. The feeling was that if the security services knew who these people were they should just arrest and intern them now.

When to Intern?

British internment camp for Jewish refugees, H...
British internment camp for Jewish refugees, Huyton (Photo credit: Wikipedia)

The UK last resorted to internment in 1971 in Northern Ireland. It backfired spectacularly. We’ve apparently considered it a couple of times since then, for example in 1990 we considered interning Iraqis in the UK after Kuwait was invaded. We’ve also considered it a few more times since then. There are probably some situations where internment is a good idea.

  • With a well defined group to intern
  • Where there is popular support for the process
  • Where there is the capacity to sort those that we need to intern from those that are benign
  • Where we can safely contain all those that pose a threat in as short a time as possible

Who to Intern

English: An internment Bonfire in Carnlough,Co...
English: An internment Bonfire in Carnlough,County Antrim.The flags on the bonfire include the union jack,ulster and orange order flags and also UVF and YCV paramilitary flags at the top. (Photo credit: Wikipedia)

The major problem with interning Irish Republicans in NI in the early 1970s was that we didn’t have a reliable list. We asked the NI government to tell us who to intern. They were part of the problem, and they gave us a list of people involved in protests. The handful of actual IRA people on it were tipped off by sympathisers and escaped the round up. The fact that the community knew we’d botched it made it easy for the IRA to recruit because the Catholic community? could see we were acting against them.

This might not happen if we used people on watch lists for good reasons. However we’d need to double check them all before moving to arrests. We’d also need to guard against grudge denunciations. The last thing we’d want is to help the terrorists recruit. Getting this right is a very had problem, and one that officials are wary of.

Political Support to Intern

Right now this is probably easy. The media have coverws suggestions that we intern terrorist suspects positively?, and there are recent incidents of terrorism that back these up.

Where this gets harder is in ensuring that safeguards for our freedom as a country are maintained. Magna Carta is a fundamental principle of our Constitution. No-one should be detained without trial, and acting to intern suspected terrorists cuts against this. It has been fiercely debated? in Parliament several times in the last fifteen years. 

Currently we can hold terrorist suspects for up to 14 days without charge, and make temporary orders to restrict their freedom (TPIMs). The TPIM orders are house arrest, and we’ve currently got six people affected by them. That’s about 1% of the publicly admitted watch list (there are apparently 500 people being actively watched). 

Even if Parliamentary approval was given for a more interventionist approach we still need to decide the process for internment.  What standard of evidence will we apply to deciding what constitutes grounds to intern someone? Clearly this needs to be less than the criminal standard of beyond reasonable doubt. If we could meet that then we could charge them with conspiracy and other offences and put them on trial. We do this for a couple of hundred people each year, about 60% get convicted. 

There are two other standards in play, there’s reasonable suspicion (probable cause to Americans) and the balance of probabilities. The trouble with the former is that it will throw up a lot of false positives. The latter needs us to have more information, and brings the opposite risk of false negatives. It’s a hard problem, but presumably soluble in the same way the security services currently make tricky decisions about resource allocation. 

Capacity to Intern

If we can work out who to intern, and get buy-in, how do we go about it? For a start we’d probably want to look at the lessons from Operation Demetrius, and probably also operations in Iraq and Afghanistan. 

Rounding up suspects is labour intensive. You don’t just send a couple of coppers out with a van and a list of addresses. There’s an intelligence operation to find and fix the suspects. This needs to be followed up with as many simultaneous? raids as possible. Each of those raids needs 10-20 police or soldiers to conduct. They’ll need to secure the area and then a small team will need to effect entry and secure the suspect. Given the terrorist angle they need to be prepared for some suspects to be armed, so they all need to overmatch anything suspects might have. 

If we decided to intern all 500 of those being actively watched then we’d need about 7,500 police and army to deal with it. There would also be a need for additional investigation staff to directly interview and prepare cases against those that were arrested. 

Once word gets out there will be a backlash. Some suspects will get away. Some relatives or friends of those arrested will protest. Others might even join in. 1971 saw rioting and shootings in the wake of the arrests. Any actual terrorists that escape will no doubt launch attacks. The recent attacks have mostly been low resource, knives and vehicles, so any competent adult could launch one on a few minutes notice. 

Where do we intern

Even if we find them all, where do we put them? The best place is in a prison where they can be segregated prior to being interviewed and decisions being made about their release or continued detention. One of the lessons from Demetrius was that putting together potential sympathisers with actual terrorists helps them to recruit. So you’d want to avoid that. That means a period of isolation from other internees until they’re graded either for charge, release or extended detention. 

That said, UK prisons seem to have capacity issues. So who would you release early to make space? 

Cyber Warfare – Just a buzzword or scary reality?

Cyber warfare has been on my mind for a few weeks, even before the WannaCryptor incident. It’s been there because I’ve been looking at the innovation context for a digital service I’ve been designing as part of my T317 end of module project. That service is for government, and one of the risks is that someone will try to attack or subvert it.

The other thing that has brought cyber warfare to my head is the forthcoming general election in the UK. There are signs that both the UK referendum on the EU and the US election night have been affected by cyber warfare.

What is Cyber Warfare?

cyber warfare
A linux laptop running wireshark to illustrate cyber defence in action (photo credit: James Kemp)

The popular view is hackers in a basement tracking people, bringing down other computer networks and stealing money. They do impossible things with a few clicks of the keyboard. Taking over CCTV cameras, planting data, or stealing it. The black hat guys use viruses, phishing and social engineering to empty your bank accounts and steal your life.

Personally I don’t buy that image. Bits of it certainly happen. There are a whole load of criminals out there looking to make a profit out of people. But it isn’t as easy or as glamourous as TV would have us believe.

Cyber isn’t Warfare

I see Cyber as a buzzword. It isn’t a new phenomenon. Like a lot of other things it has become much easier to do at scale with the spread of the internet. Warfare is the domain of the military, and implies state sponsored violence from at least one of the parties. Even in small insurgencies the insurgents are acting for political reasons in what they see as their national interest. As that famous Dead Prussian Carl von Clausewitz put it, war is the continuation of politics with other means. So for something to be defined as warfare there needs to be some sort of political dimension to it.

Cyber on the other hand is more of a police and intelligence services matter. Sure, malicious effects on certain systems can cause deaths and injuries. However it’s more about information and criminality than state sponsored violence or politics. There are daily cyber incidents, and they are almost all criminal in intent.

As I see it Cyber has the following potential components

  • Defence against threats (as multi-pronged as the threat landscape)
  • Information operations to persuade people to a point of view (AKA propaganda)
  • Intelligence gathering, both passive and active
  • Disruption of physical infrastructure – e.g. stuxnet style attacks, also control of things attached to the internet (IoT is scary)
  • Facilitation of criminality, whether stealing data/money or supplying contraband or illicit goods or services online

WannaCryptor Wasn’t Warfare

While the details aren’t entirely clear on this incident I think there’s enough data to be certain that WannaCryptor wasn’t an attempt at cyber warfare. I’m pretty sure about that because both of the sheer scale of the infection and the ransomware payload. If it had been political then it woul have been more closely targetted, and there would have been a message attached to it (other than give me some bitcoin). WannaCryptor infected hundreds of thousands of machines across 150 countries. That’s pretty much all countries developed enough to be able to access the internet. If you watch the video of the spread it goes round the world with office hours. It’s more Pandemic than planned campaign.

There’s an outside chance it was planned, but I doubt that it was intended to operate at the scale it did. It would need a top level authority to create that level of impact to deflect suspicion from it being state sponsored. There’s a high likelihood that several affected states will be putting significant effort into tracking down the culprits. Not all will be looking to put them in front of a court.

Cyber Defence

This is an area that should really be in our own hands, in much the same way that we close our doors and windows at home. It’s down to all of us to recognise the threats and act to prevent them. Clicking on links in emails is the digital equivalent of flashing a wallet in a dodgy part of town. Sensible people just don’t do that.

The secret of Cyber, or Digital, or IT, or computers, is simply that they are communication devices. Anyone can talk to anyone else directly. There’s no border, no internal policing, nothing to stop a dodgy person directly contacting you. So everything needs defending directly.  (See Castles in the Sky for my poem about security in the cloud). Every moment of every day carries the risk of compromise. Cyber is like a permanent counterinsurgency, except with viruses, phishing and social engineering in place of IEDs, ambushes and informers.

Cyber as a buzzword

I’ve claimed there’s no such thing as cyber warfare. There are parallels with real warfare though, and cyber operations can, and do, support military campaigns. That doesn’t make it a military thing though. Civilians and intelligence services support military campaigns too. There’s probably also a need for a civilian equivalent of the reserves for the cyber security people, whether defensive or offensive.

Security is millennia old. IT security is decades old. Cyber is simply the latest buzzword to make it sound sexy and attract funding. That’s a good thing, because it can affect us all directly and indirectly. So we all need to pay it some heed.

Security isn’t hard. It just needs you to think about it, and ask questions. Most importantly, don’t let the fear grip you. Fear makes us react irrationally.

My ‘cyber’ credentials

There are a lot of instant cyber experts out there. I’m not one of them. I’ve been working for the UK government in IT related roles back to 1995. This has included being part of the Departmental IT Security Committee when we did Y2K and being on the forefront of designing and building secure digital systems for part of the UK Home Office. I’m a professional member of the British Computer Society. There’s a lot about IT security that I don’t know, I look to the experts I work with on that, but I definitely know more than most of the media pundits you’ll have read recently.