International Cooperation on Global Security
-
Upload
kevinrbeck -
Category
Documents
-
view
19 -
download
0
Transcript of International Cooperation on Global Security
1
1
“EQUIPPING AUSTRALIA AND ALLIED NATION’S
AGAINST EMERGING
AND EVOLVING THREATS”
A proposal to create and/or link state of the art
national security real time systems
Based on the Police Evidence and Forensics
Information Management System (EFIMS) installed
and operating in New South Wales (NSW) Australia
Prepared by Kevin R Beck
Professional Managers and Associates (PMA) Pty Ltd
PO Box 100 Caulfield Victoria Australia 3162
Email: [email protected]
Mobile cell: +61412451029
About the author: (Google sources)
https://www.google.com.au/webhp?sourceid=chrom
e-instant&ion=1&espv=2&ie=UTF-
8#q=kevin%20beck%20money%20laundering
In concert with
Dan Drum Managing Director of Hardcat Pty Ltd
Park Street
Melbourne Australia
http://www.hardcat.com
2
2
OVERVIEW OF PROPOSAL
The Australian government has a priority to equip the nation for the
challenges we face in the every evolving threats of terror within Australia and
externally. Such objectives can come with high price tags and lead times.
More so when one considers the need for international cooperation and
information sharing between allied nations.
This proposal, and its associated conceptual architecture, is conceived from Hardcat‘s Sabre Law Enforcement Software Suite designed, installed and operating in one of the world’s most advanced policing environments, the Australian state of New South Wales Police epartment. It is known as EFIMS (Evidence and Forensic Management Information System) a customised purpose built system based on Hardcat’s Sabre Law Enforcement Product. Hardcat SaBRe is a “best of breed” tracking and information management system giving this law enforcement organisation unrivalled transparency and intelligence on cases, events, incidents, jobs, exhibits, property, electronic briefs and chain of custody. An end to end application supporting the gathering of data, materials, evidence and analysis including forensics, organising complex, diverse and disparate information, into formats, and complying policies, for presentation in court. Detailing sources of information, warrants, wire taps, other intelligence and analytics that must go into a security and/or criminal investigation and the ultimate presentation requirements before a court of law.
3
3
According to the Australian Department of the Attorney General, September
2012, “Australia has developed significant national security capability in the
fight against terrorism espionage, serious and organised crime, and cyber -
crime.
Our challenge is to ensure that, as Australia evolves as a 21st century society
and economy, our national security capability similarly evolves with high levels
of agility and adaptability and continues to meet emerging threats. As
Australia advances, so too do threats to our wellbeing. Meeting the challenges
of new technologies and methodologies is a key priority for the Australian
Government in the national security sphere. Our law enforcement and security
capabilities must keep ahead of terrorists, agents of espionage and organised
criminals who threaten our national security and the safety of our citizens. So
our law enforcement and intelligence agencies must be equipped with
contemporary skills and technologies, and backed by necessary powers –
coupled with the appropriate checks and balances and oversight mechanisms
society rightly demands.”
The concept proposed here is to bring together the multi systems of
Australia’s government agencies, and those of its allies around the world to
whatever extent is deemed feasible whilst taking into account any necessary
reforms that must be enacted within countries working together, covering
pressing initiatives such as telecommunications interception reform,
metadata, telecommunications sector security reform and the Australian
intelligence community reforms.
We expand the above to incorporate Border Protection and Customs, Defence
and Intelligence Agencies, Foreign Affairs agencies of allied countries, agencies
such as Interpol, country’s own Crime Commissions, Federal and State Policing,
Drug Enforcement, FBI style agencies and nation’s critical infrastructure utilities
such as telecommunications and banking. The Hardcat Sabre EFIMS technical
capability can confront terrorists, agents of espionage and organised criminals
head on providing real time intelligence to approved agencies across multiple
jurisdictions.
4
4
INDUSTRY WITHIN NATION’S MUST PARTICIPATE AND PUT IN A
CONTRIBUTION TO GLOBAL SECURITY
The National Security Committee of the Australian government recognises
that Telecommunications interception reform is a significant challenge in any
National Security plan. No doubt our allies face similar legislative hurdles. It is
one thing to make telecommunication providers keep metadata, but how do
agencies use it and for what?
Similarly banking enterprises must also contribute to the source information
of allied nations, as well as major utilities and even global software and
technology companies that expect governments and states to provide secure
places to conduct business.
The Australian Crime Commission’s “Future of Organised Criminality in
Australia 2020” assessment is directly relevant to our concept proposal by
proffering working and highly effective software, ciphers and other
methodologies to match and exceed criminal capabilities in technology
obstruction and their ability to impede detection by law enforcement and
security agencies.
The NSW Police system supports the gathering of multi-source materials,
leading, if required, to the prosecution of serious and organised and other
technology‐enabled crime. However it does not have to be applied specifically
for activities that will go to court but can be adapted to track information and
assemble case files used to inform decision making and counter terrorism
activities.
5
5
Within our proposed National Security Sabre model we have included threats
posed to critical infrastructure. The security and resilience of such
infrastructure significantly affects the social and economic well‐being of the
nation.
Global intelligence community reform is about appropriately equipping and
enhancing the operational capabilities of these agencies and also providing a
mechanism to gather and synthesise data, events, apparently disparate, and
unrelated intelligence, and evidence from anywhere in real time.
To be able to package it as either locational intelligence, national, regional or
local in an unallocated sense or to actually attach it to an individual or group of
individuals tracking their movements and entering the evidence and reports
into a file similar to a NSW Police case ready for the prosecutor in court. But
we also conceive that agencies might want to assemble case files containing
materials that never are to go to court. The multi-sources of highly sensitive
information serve the analytical and assessment functions and readiness
capacity of agencies across the world. The Hardcat Sabre concept is a working
framework to better manage national security challenges to any nation’s
security and the many reforms envisaged by government necessary to enhance
it.
Incorporation of Government Reforms, Policies and Processes
In developing our model off the NSW Police foundation using it as a prototype upon which additional features and models are added we take note of:
• The desirability of comprehensive, consistent and workable laws and
practices to protect the security and safety of any nation, its citizens and businesses, including privacy and intrusion issues
• the need to ensure that intelligence, security and law enforcement
agencies are equipped to effectively perform their functions and cooperate effectively in today’s and tomorrow’s technologically advanced and globalised environment, and
• The fact that national security brings shared responsibilities to the
government/s of a nation and the private sector as well
6
6
This proposal encompasses:
a) the challenges of new and emerging technologies upon agencies’
capabilities b) the requirements of a modern intelligence and
security agency legislative framework, and to enhance cooperation
between agencies, and
c) the need for enhancements to the security of the telecommunications sector.
The EFIMS system installed in NSW Police is readily adaptable to any context of law enforcement or intelligence whilst
a) containing appropriate safeguards for protecting the human rights and
privacy of individuals proportionate to any threat to national security and the security of the private sector
b) applying reasonable obligations upon industry whilst at the same
time minimising cost and impact on business operations in the public and private sector, in short this is a very economical proposition.
c) and addressing law enforcement reduction of capabilities from new technologies and business environment, which has a flow‐on effect to security agencies.
Governments grapple with strengthening the safeguards and privacy protections under the lawful access to communications regime in various types of Telecommunications (Interception and Access) Acts of
nations and we take account of
a. privacy protection
b. the proportionality tests warrant issue
c. mandatory record‐keeping standards
7
7
d. oversight arrangements by Ombudsmen and Regulators, Parliament and so on
Nations may want to
a. reduce the number of agencies eligible (and authorised)
to access communications information
b. address the standardisation of warrant tests and thresholds
Streamlining and reducing complexity in the lawful access to communications regime by
a. simplifying the information sharing provisions that allow
agencies to cooperate using the EFIMS as a model (with a central customised (top secret design versions)
b. removing legislative duplication where feasible and allowable under a nation’s Constitution
Our technical model incorporates a financial layer to enable a cost sharing framework to:
a. align industry interception assistance with industry regulatory policy b. clarify regulatory and enforcement roles
Security Intelligence Acts and the like
Modernising and streamlining warrant provisions
a. the definition of a ‘computer’
b. enabling warrants to be varied by an approved authority, simplifying the renewal of the warrants process and extending duration of search warrants from say 90 days to 6 months or whatever a nation’s laws may allow.
8
8
Users of the system can be designated by roles and levels of access and authenticity in their work.
Intelligence Services Acts or the like
The technical design can incorporate a nation’s Defence’s Imagery and
geospatial organisation’s authority to provide assistance to approved bodies working in unison in real time on the system adding information
and intelligence from diverse and disparate sources.
Telecommunications (Interception and Access) Acts and the like
a. Sabre can be designed to handle the creation of multiple or single warrants with multiple interception powers
Cooperative frameworks between nation’s governments, agencies, private enterprise and the community can be leveraged –
a. Industry interception obligations
b. Ancillary service providers not currently covered by the
legislation
c. t h e three‐tiered industry participation model d community input – crime stoppers and other reporting mechanisms
Security Intelligence Organisation Acts and the like
Sabre EFIMS is a working example of what is possible for an intelligence operations scheme. Protecting officers and human sources with protection from criminal and civil liability for certain conduct in the course of authorised intelligence operations.
9
9
You can:
a. Establish a named person warrant enabling intelligence agencies to request a single warrant specifying multiple (existing) powers against a single target instead of requesting multiple warrants against a single target.
b. Align surveillance device provisions with any Surveillance Devices Acts
c. Enable the disruption of a target computer for the purposes of
a computer access warrant
d. Enable person searches to be undertaken independently of a premises search e. Establish classes of persons able to execute warrants and track
Establish an agency’s ability to cooperate with the private sector/community and then track that cooperation as part of a file or schema of files in whatever context you want to look at, assemble and expand it. EFIMS can take into its structure business rules and policies the:
Telecommunications (Interception and Access) Act s and the like
The Lawful Access Regime a. expanding the basis of interception activities and decryption of communications b. Industry response timelines c. tailored data retention periods for parts of a data set, with
specific timeframes taking into account agency priorities, and privacy and cost impacts
Telecommunications Act s and the like
The Sabre EFIMS system will address security and resilience risks posed to the telecommunications sector and can be enabled to permit legal authorised access to third party systems monitoring such access.
10
10
Security Intelligence Organisation Acts and the like
Enabling warrant provisions through interconnection to, and use of,
a. third party computers, and communications, in transit to access a
target computer under a computer access warrant.
b. the incidental power in the search warrant provision that authorises access to third party premises to execute a warrant and which are recorded in EFIMS
c. reasonable force recoding during the execution of a warrant, not
just on entry.
d. an evidentiary certificate regime.
Intelligence Services Acts and the like
Assembling broad or detailed and very specific files covering: a. persons, or groups, likely to be, involved in intelligence or
counter‐ intelligence activities.
b. recording in detail a Manager of an Agency or the Parliament Minister/Head authorising specified activities which may involve producing intelligence on a person or persons where the Agency is cooperating with any other agency or intelligence body in the performance of a function pursuant to an act of parliament
c. Enable an agency to provide training in self-defence and the use
of weapons to a person cooperating with agencies. Hardcat systems currently installed in many Australian state and other international police regimes track the issuance of such weapons against an individual or event and prescribed use and circumstance.
The overall impacts are:
1. The Sabre National Security Centre piece is built in months, not years to security approved levels for general reporting and separately
11
11
authorized access for analytics using whatever engine a nation state or agency chooses
2. The prototype cost design upon which the National Security Sabre system is concepted is already built it requires customisation to suit (a base model is estimated to be $AUD20,000,000 with cost add - ons being the number of repositories and extraction database links required
3. National and International Agencies gain from increase operational efficiency
4. In turn a nation gains from these efficiencies 5. Reduction of manual effort in managing the chain of custody process for
exhibits (if required) 6. Increased number of positive and linked identifications 7. Prioritisation of jobs based on real time data from multiple sources 8. Reduced effort tracking exhibits and property 9. Performance improvement mechanisms 10. Secure (access can be controlled by biometric identification systems many
of which are owned now by agencies for audit ability across all entities within the system
11. Manage the complete lifecycle of cases, events, incidents, jobs, exhibits and property
Hardcat’s Sabre can incorporate or eliminate manual brief construction where manual might be used for extremely high security rather than automated, where limited access is required, for cases, events and incidents and can balance valuable resources with back room and frontline operations
INTERCEPTION
Interception of telecommunications content and data is a powerful and cost
effective tool for law enforcement and security agencies to reduce threats to
national security and to assist in the investigation and prosecution of criminal
offences. [Report of the Review of the regulation of access to communications
(Australia 2005) (the Blunn Report)]
Access to interception is tightly regulated and, in relation to content, is limited to the investigation of serious offences under the authority of an independently issued warrant and subject to a range of oversight and
12
12
accountability measures. Sabre (existing EFIMS capabilities) can assist users to document instances.
Sabre will:
Meet privacy protection objectives, and the proportionality
test for issuing warrants, mandatory record‐keeping standards,
and oversight arrangements by the Commonwealth and State
Ombudsmen
Control the number of agencies eligible to access
communications information and the system’s files
Standardise warrant tests and thresholds
Simplifying the information sharing provisions that
allow agencies to cooperate
In real technology terms align industry interception assistance with industry regulatory policy
Create a single warrant with multiple TI powers
Implement detailed requirements for industry interception obligations
Implement whatever tiered industry participation model you envisage and
Immediately accommodate an expansion of the basis of interception activities
Document in evidentiary form the offence for
failure to assist in the decryption of communications
Immediately apply tailored data retention periods of parts of a data set,
with specific timeframes taking into account agency priorities and
privacy and cost impacts
Strengthen the safeguards and privacy protections of the interception
regime in line with contemporary community expectations;
13
13
lawful access regime for agencies;
Streamline and reduce complexity in the lawful access regime; and
• Modernise cost sharing frameworks.
Arrange data in a form to enable prosecution (as used by NSW Police)
Reliably identify communications of interest and to
associate them with telecommunications services;
Reliably and securely access communications and associated data of
interest within networks; and
Provide tools to effectively interpret the communications to extract the intelligence or evidence
Sabre (EFIMS) will swiftly enable the Commonwealth to Implement a standard
threshold for both content and stored communications warrants (assuming
that enabling legislation has been passed) removing the complexities inherent
in the current interpretation of what is a serious offence, recognise the growing
number of online offences and provide consistent protection for ‘live’ and
‘stored’ content.
National security risks
14
14
“The Australian Security Intelligence Organisation Report to Australia’s
Parliament 2010‐2011 states that espionage by foreign intelligence services is
an enduring security threat to Australia, both conventional and new forms,
such as cyber espionage. Our increasing reliance on communications
technology to conduct the business of Government, commerce and our daily
lives makes Australians more vulnerable to malicious attack. As such cyber
security has emerged as a serious and widespread concern. States, as well as
disaffected individuals or groups, are able to use computer networks to view
or siphon sensitive, private, or classified information for the purpose of,
political, diplomatic or commercial advantage.
Individual records or files stored or transmitted on telecommunications
networks may not be classified or particularly sensitive in and of themselves
but, in aggregate, they can give foreign states and other malicious actors a
range of intelligence insights not otherwise readily available.
This threat extends to information vital to the effective day‐to‐day operation
of critical national industries and infrastructure, including intellectual
property and commercial intelligence.
It is imperative that Australia’s intelligence agencies are appropriately
equipped to protect Australia’s vital national security interests. This includes
the ability for Australia’s foreign intelligence and security services to interact
and work seamlessly together.”
Such considerations, we assume are common to all allied nations. We offer
such a mechanism installed and proven.
Hardcat’s NSW Police EFIMS addresses the question as to how an extraordinary amount of data can be filtered and allocated a security level according to its purpose. The debate may revolve, inter alia, around what data should be centralised and operated on and what can remain distributed in the field. This is the decision of the system administrators. EFIMS is both fixed and mobile. A nation’s National Security Committee (or Lead Body) can determine in what context the Sabre System is applied to national, states, territories and any local government management of its own law enforcement and agencies’ data, extent of sharing, privacy and cooperation in national security activities.
15
15
Information provided by commercial enterprise drawn into EFIM’s capabilities incorporates required and offered participation by industry. It can operate in a covert manner if required, assembling information on how criminal elements infiltrate corporate enterprise and use it as well as tracking parties external to that enterprise. A disparate patch work quilt of policies and actions by governments and key agencies and sectors of business enterprise (banking, utilities, telecommunications, document issuance and so on) serves to advantage criminal elements. Sabre suddenly encapsulates these disparate webs of information source. This proposal acknowledges the role of the agency that may be responsible for cyber security policy in a nation. One might assume, or external parties in the private sector may claim, they hold a similar philosophy as their government/s in defining measures relating to the confidentially, availability and integrity of information that is processed stored and communicated by electronic or similar means and which can contribute to national security surveillance and analysis. We find these contentions irrelevant to what we propose. Sabre is not something they can replicate because its features are ultimately “classified”. The record shows that not too many enterprise CEO and Boards are keen to enable data retrieval from their corporate systems and additionally they may resist the costs involved in participation in any nation’s national security. To our mind this is also irrelevant. Commercial enterprise expects to be protected from terrorism, criminals and be provided with secure policing and security and there comes a cost with that. Our Sabre proposal minimises that cost dramatically when compared to what big integrators my offer governments, and agencies, conceptually. Even if they do offer something they do not operate holistically as Hardcat EFIMS does. This is not to say that integrators need not be involved in the development and implementati9on of a Sabre system such as NSW Police EFIMS. Hardcat is a small company and governments will decide under what financial
16
16
and implementation scope Sabre would proceed. Hardcat can provide the foundation intellects that built EFIMS on time and to budgeted cost required by NSW Police. A nation’s national security, economic prosperity and social wellbeing are critically dependent upon the availability, integrity and confidentiality of a range of information and communications technologies. This includes desktop computers, the internet, mobile communications devices and other computer systems and networks and may I add products that are provided by external parties such as passports, employee identity, smart cards, tokens, credit cards and any other instrument that deals with data. All of these are vital elements to building a state of the art response to the challenges posed by fundamentalism, ideology, terrorism, activism and criminality. Telecommunication providers can play an active role inputting data automatically into a National System for later analysis and processing, just as airlines, shipping and other industries can play a contributing role. We can all cite an increase in malicious code, attacks and criminal activity, as is particularly the case for financial transactions and sensitive commercial or personal identity including theft thereof, or the creation of one core document to breed others for the purpose of opening a bank account, a social security identity, a driver licence and more. Terrorists can strike in many ways and rogue nations can attack Australia’s underlying financial systems and business using fake identities, credit cards, passports and other instruments. In all of this governments have to balance national security against the civil liberties of citizens, including the right to privacy, and the inherent need to promote efficiency and innovation to ensure that a nation realises its full potential. This task is compounded by vested interests and users who are free with their private information on social media, perhaps not fully understanding the dangers and yet resist having their metadata examined? In this proposal we are not concerned with civil liberties, a Sabre National Security System can be programmed to do whatever you want it to including limiting its reach and intervention or making it covert. That is a decision for government.
17
17
Within this proposal we are moving beyond the mere concept of a Cyber Security Centre gathering data and using the Internet and supporting the government’s objective of cyber safety focused on protecting individuals, particularly children, from offensive content, bullying, stalking or grooming online for the purposes of sexual exploitation to a broader economic and social contexts, requiring coordination of other related policies, programmes and industry participation. There is a role for industry in this scope particular in the federation of competing interests, and knowledge awareness of federal, state and territories. A global network of criminal elements has emerged, literally coming together like a new generation mafia, using whole countries (pariah states, states under sanctions and so on) whilst integrating this into institutional structures (government, banking, financial systems, utilities, technology and telecommunications) across the world to launder large volumes of money, to create fraud and as we also know to fund terrorism. This is not simply the transactional movement of funds involving the complicity of a bank or other structure it is the actual manufacture of the foundation for that movement beyond data transfer in computer systems and on the internet to physical instruments such as credit cards, chips in mobile devices and identity instruments. The clients of these outputs are those who embrace serious badness. EFIMS’s forensic capabilities are designed to enable capture of all of this intelligence with authorized access by as many agencies as required to work on the data and use it according to their individual charters. If you want to package up cyber data such as web sites preying on children or any such thing Sabre National Security will do it. Every honest business, and person with integrity at their core, would support the National Leadership approach by within a federation of a shared responsibility in the communication, and storage, of sensitive information (of all types) and the obligations of mutual respect for the information and systems of other users. Not only the public service should be engaged, through knowledge leadership and action, in a partnership approach to cyber and national security across all of a nation’s governments (state or other) the private sector and the broader nation community is essential along with our nation’s allies and multi-national global corporations that cross borders.
18
18
Globalism supports many players and is a major fillip for the criminal person and the criminal state. Just we install systems in government to produce identity, across a myriad of agencies in Australia, all with varying or no level of security EFIMS is the prototype from which you build the capacity to be ahead of them. All business and government entities require risk management in a globalised world where interoperability and internet-connected systems are potentially vulnerable and where cyber - attacks are difficult to detect, there is no such thing as absolute cyber security. However on too many occasions, entities operate in a state of unawareness of what human and machine networks they are in and supporting, knowingly or unknowingly. In concert with government, and community, everyone must be brought into the policy and the intelligence exchange, and all must apply a risk-based approach to assessing, prioritising and resourcing cyber security activities within the values paradigm of their individual operations. Many enterprises educate customers, and others, with whom they come into contact (at exhibitions, conferences and seminars) as to the cyber risks of instruments that individuals carry and use, phones, credit cards and other devices. As a part of their own cyber security they must operate, and maintain, secure and resilient information and communications technologies to protect the integrity of operations and the identity and privacy of the customers and end users. This vitally includes corporations engaged in the manufacture, and distribution of critical identities and software particularly everyday commercial software that can also be used for elicit purposes. International governments and jurisdictional agencies, working together as allies, can assist in educating, and empowering, all citizens with the information, confidence and practical tools to protect themselves online and in their financial and other transactions but what of the hidden criminal operations described previously that pray upon ignorance, greed and human nature? Governments may promote security and resilience in infrastructure, networks, products and services across governments, including parliamentarians, associated people, employees and communities but this is but one part of the puzzle and vital mosaic that builds to protect our nation and our cooperation with like - minded (allied) sovereign states around the world. It is but one part of our proposal’s potential.
19
19
The private sector and government agencies the world over look to the protection of their ICT systems but to what extent do they ponder how criminal elements become embedded and institutionalised as part of those structures? They take live (or deceased) identities and data to manufacture other things for their needs (breeder documents) and then send them into the legitimate world. Companies and, more particularly, those with global footprints must work with agencies like CERT Australia to assist the owners, and operators, of critical infrastructure, and systems, of national interest and add support to such a nation’s own body (like CERT) within a global community of computer emergency response teams (CERTs) to support international collaboration in regards to cyber and national security issues and also complement the work of a nation’s Cyber Security Operations Centre. These collaborative arrangements can also serve to make participants aware that their business can also provide the foundation and tools of crime and terrorism and to incite them to vigilance. Sabre is being offered as a tool in an arsenal of such vigilance. A sort of crime stoppers in technology form.
20
20
21
21